Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
COMMUNITY HOSPITAL OF THE MONTEREY PENINSULA
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on July 9, 2014. Also cited in 24 other reports.
Report ID: IB8411.01, California Department of Public Health
Reported Entity: COMMUNITY HOSPITAL OF THE MONTEREY PENINSULA
Issue:
Based on interview and record review, the hospital failed to prevent the unauthorized disclosure of patient health information (PHI) for 14 of 15 sampled patients (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, and 14), when documents containing PHI were left on Patient 15's bed. This failure disclosed PHI of 14 patients to an unauthorized individual. Findings:The California Department of Public Health received a faxed report on 3/20/13, which indicated a nurse left documents containing PHI for 14 patients in Patient 15's room. The documents disclosed patients' names, ages, medical record numbers, diagnosis, code status, attending physicians, admission dates, and general conditions. During an interview on 7/9/14 at 10:05 a.m., the director of Main West (DMW) stated registered nurse A (RN A) left a census sheet containing PHI in Patient 15's room.During an interview on 7/10/14 at 10:05 a.m., RN A stated near the end of her shift on 3/18/13 she went into Patient 15's room. RN A stated she was holding documents containing PHI when she went to check on Patient 15. RN A further stated, she did not recall if the documents were left in Patient 15's room after she left the room.A review of a copy of a letter dated 3/20/13 from the hospital to Patients 1 through 13 indicated a nursing shift report had been inadvertently left in the room of another patient, and each patient's name and information related to the patient's hospitalization had been disclosed.A review of a copy of a letter dated 3/20/13 from the hospital to Patient 14 indicated an order requisition form containing Patient 14's name and procedure had been inadvertently left in the room of another patient.During an interview on 7/9/14 at 10:05 a.m., neither DMW nor the privacy officer were able to state which staff member identified the privacy breach. During a telephone interview on 7/10/14 at 10:05 a.m., RN A stated she did not know which staff member received the document containing PHI from Patient 15.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280