Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
RIVERSIDE COUNTY REGIONAL MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on March 16, 2015. Also cited in 123 other reports.
Report ID: QBLE11, California Department of Public Health
Reported Entity: RIVERSIDE COUNTY REGIONAL MEDICAL CENTER
Issue:
Based on interview and record review, the facility failed to prevent unauthorized disclosure of protected health information (PHI) for one patient (Patient 1). An employee in the Medical Records Department provided Patient 1's lab results to Patient 2. This resulted in the potential for misuse of Patient A's PHI.Findings:On March 16, 2015, at 9:15 a.m., the Administrative Service Officer (ASO) was interviewed. The ASO stated Patient 1's lab results had been mis-filed into Patient 2's medical record. The ASO stated, On March 2, 2015, Patient 2 came into the Medical Records Office to request a copy of his medical record. At that time an employee of the Medical Records Department made a copy of Patient 2's entire record, and provided it to Patient 2. The ASO stated the employee failed to have another employee double check and verify that the record was correct prior to providing it to Patient 2.The ASO stated Patient 2 notified the facility on March 2, 2015, that he had also received two pages of Patient 1's laboratory results within his own medical record.A copy of the Patient 1's laboratory results sent to Patient 2 was reviewed and contained the following PHI:- Name;- Address;- Telephone number;- Date of birth;- Account number; and - Laboratory results.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280