Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
EISENHOWER MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on September 28, 2011. Also cited in 279 other reports.
Report ID: USQT11.01, California Department of Public Health
Reported Entity: EISENHOWER MEDICAL CENTER
Issue:
Based on interview and documents review, the facility failed, for one patient (Patient A), to ensure that Protected Health Information (PHI) was not disclosed to an entity not authorized to receive the information. This failed practice had the potential to result in medical identity theft and/or fraud. Findings:On September 28, 2011, at 10 a.m., an investigation regarding unauthorized disclosure of Patient A's PHI was conducted. During a concurrent interview with the facility's Information Privacy Officer (IPO), she stated a facility employee wrongfully registered Patient A for laboratory services. The PHI included patient's name, medical record number, date of birth, gender, and the laboratory results. The IPO stated this mistake was discovered on August 16, 2011. The laboratory company was contacted. The laboratory company shredded Patient A's laboratory registration documents afterwards. On September 28, 2011, a review of facility documents included:a. A letter addressed to Patient A, dated August 22, 2011, indicated the facility notified Patient A of the privacy breach.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280