Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
EISENHOWER MEDICAL CENTER
Cited by the California Department of Public Health for violations of California’s Health and Safety Code relating to medical privacy during an inspection that began on November 20, 2013. Also cited in 279 other reports.
Report ID: FYY511.02, California Department of Public Health
Reported Entity: EISENHOWER MEDICAL CENTER
Issue:
Based on interview and record review, the facility failed to notify the California Department of Public Health (CDPH) of the unauthorized disclosure of Patient A and Patient B's protected health information (PHI) within five business days after the disclosure was detected by the facility. This resulted in a delay in the notification of CDPH and a possible delay in the investigation of the unauthorized disclosure of Patient A and B's PHI. Findings:On November 20, 2013, at 10 a.m., the Compliance Specialist (CS) was interviewed. The CS stated on October 13, 2013, an employee in the Emergency Department (ED) faxed two face sheets belonging to Patient A and Patient B to an unintended insurance provider. The insurance provider notified the ED on the same day of the error. The CS stated, the ED staff did not notify the Privacy Department until 12 days later. She stated they should have notified them right away.The CS stated she was aware of the five day requirement to notify CDPH.The facility policy and procedure titled, "Information Privacy," reviewed/revised December 19, 2011, revealed, "... The Information Privacy Officer will contact the Department within (5) five days of discovery..."
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280