Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
EL CENTRO REGIONAL MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on January 28, 2014. Also cited in 38 other reports.
Report ID: QWUS11, California Department of Public Health
Reported Entity: EL CENTRO REGIONAL MEDICAL CENTER
Issue:
Based on interview, record and document review, the hospital failed to safeguard protected health information (PHI-any information about health status, provision of health care, or payment of health care that can be linked to a specific individual) from unauthorized person(s) in accordance with their policy and procedure for 1of 2 sampled patient's (1). As a result, Patient 2 received an x-ray film (images of bone structures) which was intended for Patient 1. Findings:On 2/12/15 at 12:00 P.M., an interview was conducted with the Compliance Officer (CO). During the interview, the CO stated that a Radiology Technician (RT) inadvertently gave Patient 2 another patient's (Patient 1) X-ray film. In addition, the CO stated that the process for protecting patient confidentiality was not followed. On 2/12/15 at 12:20 P.M., an interview was conducted with the CO. The CO acknowledged that the hospital failed implement their policy and procedure as well as their HIPPA process.On 2/12/15 at 2:15 P.M., Patient 1's PHI, the hospital's policy and procedure titled "Access to and Maintenance of the Health Record" dated 5/28/13 and a document titled "HIPPA violation prevention process" (HIPPA process) dated 11/25/13, were reviewed. The PHI which was not safeguarded included the following: Patient 1's name, age, chief complaint, medical record number, arrival and departure date and time, type of X-ray performed, the ordering physician and the X-ray results. The policy and procedure indicated, " All individuals engaged in the collection, handling or dissemination of patient health information should protect the confidentiality of the patient." The HIPPA process indicated that staff were instructed to use 2 patient identifiers and place the patient's sticker on the records that correlates with the documents intended for the patient. In addition, the process indicated that the patient was to initial acknowledgement of the correct name and document received. The hospital's policy and procedure and HIPPA process were not followed. As a result, Patient1's PHI was not safeguarded when, Patient 2 received an x-ray film which was intended for Patient 1.
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights