Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
STANFORD HOSPITAL
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on June 20, 2012. Also cited in 15 other reports.
Report ID: XSPH11.01, California Department of Public Health
Reported Entity: STANFORD HOSPITAL
Issue:
Based on interview and record review, the hospital failed to protect the right for confidential medical treatment for one of one sampled patient (1). Findings:Patient 1 was admitted to the hospital on 3/15/12 with complaints of fever and chills. On 6/22/12 at 12 p.m. during an interview with the hospital's privacy officer, she stated that on 3/21/12 she received a call from an assistant clinical manager. The assistant clinical manager called to report a possible privacy breach. The assistant clinical manager stated she was walking by EM 1's computer and noticed EM 1 had accessed Patient 1's medical record. Patient 1 was also an employee of the hospital and EM 1's co-worker. After an internal investigation the hospital identified EM 1, EM 2, and EM 3 had accessed Patient 1's medical record without business related reasons to do so. EM 1, EM 2, and EM 3 confessed to accessing Patient 1's medical record without a business related reason to do so.On 6/22/12 at 12:05 p.m. a review of the audit log for the above incident was conducted. The log indicated Patient 1's medical record number, date of birth, and extensive medical information was disclosed.
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights