Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
WATSONVILLE COMMUNITY HOSPITAL
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on January 16, 2015. Also cited in 5 other reports.
Report ID: C38F11.01, California Department of Public Health
Reported Entity: WATSONVILLE COMMUNITY HOSPITAL
Issue:
Based on interview and record review, the hospital failed to prevent the unauthorized disclosure of protected health information (PHI) for Patient 1, when discharge paperwork for Patient 1 was inadvertently given to Patient 2. The failure resulted in the disclosure of Patient 1's PHI to an unauthorized individual. Findings:The California Department of Public Health received a faxed report on 7/30/14, which indicated while discharging Patient 2, a staff member inadvertently handed Patient 2 the discharge paperwork for Patient 1, along with her own paperwork. A hospital internal investigation revealed the staff member did not review the documents to verify the patient information was correct prior to giving Patient 2 the documents.During an interview on 1/16/15 at 2:15 p.m., the facility privacy officer (FPO) stated Patient 1's Continuity of Care document containing Patient 1's name, address, race, sex, diagnosis, physician, and workplace was inadvertently given to Patient 2 upon discharge. FPO stated two staff were printing discharge paperwork for two different patients using the same printer and one staff inadvertently took all of the documents, for the two patients, and handed all the documents to Patient 2 without verifying if all the pages were for Patient 2. FPO stated Patient 2 did not notice until she arrived home that she had some of Patient 1's documents. FPO further stated Patient 2 mailed Patient 1's documents (five pages) to the hospital. FPO stated she opened the envelope and saw the documents belonged to Patient 1.Review of a copy of the Continuity of Care Document mailed to the hospital indicated Patient 1's name, address, date of birth, sex, diagnosis, work place, physician, visit date, hospital name, medications, history of diagnoses, and other clinical information had been disclosed.Review of a copy of a letter dated 7/30/14 from the hospital to Patient 1 indicated Patient 2 had been inadvertently given a copy of Patient 1's Continuity of Care Document which disclosed Patient 1's PHI.Review of the hospital's 12/2012 "Volume I - Management of Information" policy indicated PHI will be maintained in a manner which restricts access to those with a need-to-know.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280