EISENHOWER MEDICAL CENTER

Report ID: HQLM11.01, California Department of Public Health

Reported Entity: EISENHOWER MEDICAL CENTER

Issue:

Based on interview and document review, the facility failed for one patient (Patient A), to ensure that (PHI) Protected Health Information was not disclosed to any entity not authorized to receive the information. This failed practice resulted in unauthorized access to Patient A's demographic information and medical records.Findings:On September 10, 2012, unannounced visit was made to the facility to investigate a breach of PHI. On September 10, 2012, at 2:30 p.m.,interview was conducted with the Compliance Officer. The Compliance Officer stated the breached occurred at one of their primary care clinics. A magnetic resonance imaging (MRI) requisition for Patient A was given to Patient B. The Compliance Officer stated the breached occurred on March 30, 2012, but they did not become aware of the incident until the following Monday, April 2, 2012, when Patient B called the clinic to reported the breach. The facility's policy and procedure titled, "HIPAA - Use and Disclosure of Protected Health Information," was reviewed. The policy indicated, "To protect the patient's right to privacy and confidentiality, at no time will names or information be shared with any person who does not have a need to know in order to provide patient care..." The facility failed for Patient A, to ensure their Protected Health Information was not disclosed to any entity not authorized to receive the information, resulting in unauthorized access to Patient A's lab results and demographic information.

Outcome:

Deficiency cited by the California Department of Public Health: Health & Safety Code 1280

Related Reports:

16 other violations reported on the same date. Note that other citations may be about the same event: 0B0011.01, 0RFI11.01, 5RJU11.01, 6Y8Z11.01, 78UZ11.01, 8W3U11.01, BJKK11.01, FOJX11.01, IBVX11.01, M5TE11.01, OVIN11.01, Q1SN11.01, TOBU11.01, WHRC11.01, WHRC11.02, XRSE11.01