Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
SANTA CLARA VALLEY MEDICAL CENTER
Cited by the California Department of Public Health for violations of California’s Health and Safety Code relating to medical privacy during an inspection that began on October 31, 2014. Also cited in 90 other reports.
Report ID: UMGJ11.01, California Department of Public Health
Reported Entity: SANTA CLARA VALLEY MEDICAL CENTER
Issue:
Based on interview and record review, the hospital failed to prevent the unauthorized disclosure of patient health information (PHI) for one of two sampled patients (1), when medications containing PHI were dispensed to an incorrect patient. The failure resulted in the disclosure of Patient 1's PHI to an unauthorized individual. Findings:The California Department of Public Health received a faxed report on 3/27/14, which indicated, upon discharge on 3/21/14, Patient 2 was supposed to receive Seroquel (anti-psychotic medication), but was given Patient 1's Haldol (anti-psychotic medication), Ativan (anti-anxiety medication), and Inderal (anti-anxiety medication) instead. The hospital's internal investigation concluded a staff member had picked up medications for Patient 1 and 2 to prepare both patients for discharge. When Patient 2 was discharged, he was inadvertently given Patient 1's medication, disclosing Patient 1's name and medication information to Patient 2. During an interview on 10/31/14 at 11:20 a.m., the compliance and privacy officer (CPO) stated the discharge medications for Patient 1 and Patient 2 were picked up from the pharmacy at 2:09 p.m. on 3/21/14. Patient 2 was discharged with Patient 1's Haldol 10 mg, Ativan 1 mg, and Inderal 20 mg, instead of his medication (Seroquel 300 mg). CPO stated the error was discovered approximately two hours later when Patient 1 was being discharged and the hospital staff realized Patient 2 had been discharged with Patient 1's medications. During an interview on 10/31/14 at 11:25 a.m., the director of nursing (DON) stated when Patient 2 was being discharged, the discharge nurse should have verified Patient 2's medications, compared them to the physician's orders, checked the patient's identification band, and matched all of it with the physician's orders. DON further stated the labels on the bottles of medications disclosed Patient 1's name, medication names, and the dosage of medications. A review of a copy of a letter dated 3/27/14, from the hospital to Patient 1 indicated Patient 1's three medications were inadvertently given to Patient 2, which disclosed Patient 1's name and medication information. A review of a copy of the labels on Patient 1's medication bottles disclosed Patient 1's name, medication name, and dosage.A review of a copy of the hospital's 12/27/13 "Workforce General obligations Regarding Uses & Disclosures of PHI" policy indicated the hospital system must ensure that all workforce members take reasonable steps to safeguard PHI from any intentional or unintentional disclosure.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280