Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
DOCTORS MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on February 21, 2014. Also cited in 64 other reports.
Report ID: XVK811, California Department of Public Health
Reported Entity: DOCTORS MEDICAL CENTER
Issue:
Based on staff interview, facility and administrative document review the facility failed to keep Protected Health Information (PHI) confidential when:1. Lab results for Patient 1 were faxed to another healthcare facility. (CA00375520)2. Discharge instructions, a drug prescription, and a work release form for Patient 3 were given to Patient 4. (CA00380735) These failures placed Patient 1 and Patient 3's PHI at a potential for unauthorized use.Findings:CA003755201. On 2/21/14 at 10:30 a.m., the Privacy Officer (PO) stated Patient 1's lab results were included with Patient 2's PHI when faxed to another healthcare facility. The PO stated the Registered Nurse (RN) 1 did not check all the sheets of paper he was sending prior to sending the fax. The PO stated the RN 1 should have checked all paperwork before he sent the fax. The PHI disclosed included Patient 1's name, date of birth, medical record number, and lab results.The facility policy and procedure titled, "Record Processing & Information Handling Standard" dated 9/16/13 indicated, "....III. Standard: A. Record Processing. Protected Health Information (PHI) and other Confidential/Proprietary Information, whether in electronic or paper format, shall be protected from unauthorized disclosure throughout the process of routine and non-routine receipt, creation, manipulation, storage, dissemination, transmission, and/or disposal. It is expected all Users will maintain the confidentiality of this information..."CA003807352. On 2/21/14 at 10:15 a.m., the Privacy Officer (PO) stated on 10/26/13 Registered Nurse (RN) 2 gave Patient 3's discharge instructions, prescription, and work release form to Patient 4 upon Patient 4's discharge from the facility. The PO stated the RN did not check all documents for the correct patient's name when Patient 4 was discharged. The PHI disclosed included Patient 3's name, medical record number, medications prescribed, work release form, and discharge instructions. The facility policy and procedure titled, "Record Processing & Information Handling Standard" dated 9/16/13 indicated, "....III. Standard: A. Record Processing. Protected Health Information (PHI) and other Confidential/Proprietary Information, whether in electronic or paper format, shall be protected from unauthorized disclosure throughout the process of routine and non-routine receipt, creation, manipulation, storage, dissemination, transmission, and/or disposal. It is expected all Users will maintain the confidentiality of this information..."
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights