Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
RIVERSIDE COMMUNITY HOSPITAL
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on December 29, 2011. Also cited in 64 other reports.
Report ID: 6OTK11.01, California Department of Public Health
Reported Entity: RIVERSIDE COMMUNITY HOSPITAL
Issue:
Based on interview and record review, the facility failed for one patient, Patient 101, to ensure patient confidential information was only provided to an individual with authorization to access the information by failing to verify the patient name on the COA form was the same name as the patient who signed the form. This resulted in the unauthorized disclosure of Patient 101's Protected Health Information to Patient 102.Findings:On December 29, 2011, at 10 a.m., a COA form containing information for Patient 101 was reviewed. The printed information on the top of the COA included Patient 101's name, DOB, account number, medical records number, DOS, and physician's name. The COA form was signed by Patient 102 instead of Patient 101.In an interview with the Privacy Officer on December 29, 2011, at 10 a.m., she stated the incident was discovered during a "chart check" by medical records personnel. The Privacy Officer stated the registration clerk did not check the computer screen to verify the correct patient before printing the COA form. As a result, Patient 101's COA was released to Patient 102.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280