Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
RIVERSIDE COMMUNITY HOSPITAL
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on July 16, 2014. Also cited in 64 other reports.
Report ID: DBNA11.01, California Department of Public Health
Reported Entity: RIVERSIDE COMMUNITY HOSPITAL
Issue:
Based on interview and record review, the facility failed to prevent unauthorized disclosure of protected health information (PHI) for one patient (Patient 1) when a different patient (Patient 2) was discharged home with instructions labeled for Patient 1. This failed practice resulted in the potential for physical, financial, and emotional harm to Patient 1.Findings:During an interview with the facility Privacy Officer (PO) on July 16, 2014, at 10:20 a.m., the PO stated on October 11, 2013, Patient 2 was discharged home with discharge instructions containing an identification label for Patient 1.The documents given to Patient 2 were reviewed on July 16, 2014. The patient identification labels on the documents contained the following PHI for Patient 1:1. Name;2. Date of birth;3. Age;4. Sex;5. Physician's name;6. Medical record number;7. Account number;8. Date of admission; and,9. Location in the hospital.The failure of the staff to verify the discharge documents had the correct patient's name on them resulted in unauthorized persons having access to PHI for Patient 1.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280