Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
RIVERSIDE COMMUNITY HOSPITAL
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on December 3, 2014. Also cited in 64 other reports.
Report ID: WIN711, California Department of Public Health
Reported Entity: RIVERSIDE COMMUNITY HOSPITAL
Issue:
Based on interview and record review, the facility failed to prevent unauthorized disclosure of protected health information (PHI) for one patient (Patient 2) when a portion of her medical record was sent to a skilled nursing facility (SNF) with a different patient's (Patient 1) transfer paperwork. This failed practice resulted in unauthorized persons having access to PHI for Patient 2, and the potential for physical and emotional harm.Findings:During an interview with the facility privacy officer (PO) on December 3, 2014, at 3:30 p.m., the PO stated Patient 1 was transferred from the facility to a SNF on October 8, 2014. According to the PO, when Patient 1 arrived at the SNF, the paperwork that was sent with Patient 1 contained medication administration records (MARs) for Patient 2.The MARs for Patient 2 that were sent to the SNF with Patient 1 were reviewed on December 3, 2014. The MARs contained the following PHI:1. Name;2. Age;3. Sex;4. Diagnosis;5. Admit date;6. Medical record number;7. Account number;8. Allergies;9. Lab values;10. Medications ordered;11. Medications given; and,12. Location in the hospital.Failure of the staff to verify they were sending the correct medical record documents with Patient 1 resulted in unauthorized disclosure of PHI for Patient 2.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280