MAMMOTH HOSPITAL

Report ID: YPQF11, California Department of Public Health

Reported Entity: MAMMOTH HOSPITAL

Issue:

Based on interview and record review, the hospital failed to maintain the privacy and confidentiality for two patients, Patient A and Patient B, by failing to ensure that the correct records were given to each patient. The hospital failed to ensure that Patient A did not receive Patient B's records and that Patient B did not receive Patient's A records. This failure resulted in each patient receiving the other's medical records.Findings:An interview was conducted with the hospital's Information Security Officer (ISO)on 1/3/12 at 2:30 PM. He stated that on 12/7/11 a medical records employee was preparing records to send out to two different patients, Patient A and Patient B. He stated that Patient A's records were sent to Patient B and Patient B's records were sent to Patient A. A review of the hospital's investigation revealed that for Patient A there were two copies of laboratory reports regarding the patient's cholesterol and blood fat levels. The records for Patient B contained two pages of notes from a clinic visit, two pages of notes from another clinic visit, and one CD containing medical imaging (X-rays), that was not opened by the receiving patient. The report stated that all of the medical records were recovered from the patients and the patients were notified and given the correct medical records.A review of the hospital policy titled "Release of Information, dated 1/05, revealed that "All physicians and staff preserve the integrity and the confidentiality of our patients."In a follow up interview with the ISO, on 1/5/12 at 9 AM, he stated that he realized that breach was committed by a hospital employee; however, he stated that it was not intentional.

Outcome:

Deficiency cited by the California Department of Public Health: Patients' Rights