Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Adventist Medical Center
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on September 20, 2013. Also cited in 29 other reports.
Report ID: IZM611, California Department of Public Health
Reported Entity: ADVENTIST MEDICAL CENTER
Issue:
Based on staff interview, clinical record review, and administrative document review, the facility failed to ensure confidential treatment of protected health information (PHI) when medical records of Patient 1 were faxed to a facility. The receiving facility requested the medical records for Patient 2. This failure resulted in unauthorized access to patient 1's confidential information and the potential for abuse of that information.Findings:On 9/20/13 at 1:37 p.m., during an interview, the Privacy Officer (PO) stated the medical records for Patient 1 were faxed to a facility which requested the medical records for Patient 2 by a Medical Record Analyst. Patient 1's PHI breached included: name, address, birth date, age, phone number, account number, driver's license number, sex, guarantor information, diagnosis, insurance carrier, history and physical, discharge summaries notes, consultations, and surgical history. The hospital policy and procedure titled, "Faxing Patient Protected Health Information (PHI)", dated 11/28/12, indicated "...It is the sender's responsibility to be aware of the content of the faxes they are sending, to exercise caution in faxing confidential information..."
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights