Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Oroville Hospital
Cited by the California Department of Public Health for violations of California’s Health and Safety Code relating to medical privacy during an inspection that began on June 18, 2012. Also cited in 5 other reports.
Report ID: X7T911.02, California Department of Public Health
Reported Entity: OROVILLE HOSPITAL
Issue:
Based on interview and record review, the facility failed to report the unauthorized release of Patient 1's medical information to the Department, within the required five business days.Findings:On 6/19/12 at 2:30 pm, Administrative (Adm) Staff C stated that on 4/19/12 at an unknown time, the facility was informed via a certified letter that on 3/19/12, Patient 1's health information was released by Pathology Staff A to Pathology Staff B, without Patient 1's authorization. Pathology Staff A took a photograph of Patient 1's amputated fingers with her cell phone and sent it to Pathology Staff B without a business reason or authorization to do so. Adm Staff C confirmed that the Department was not notified of the breach until 5/4/12 at 4:28 pm, eight days after the end of the required reporting period ending on 4/26/13.
Outcome:
Fine imposed and deficiency cited by the California Department of Public Health: Health & Safety Code 1280