Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
SAINT AGNES MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on November 6, 2012. Also cited in 16 other reports.
Report ID: LNUR11, California Department of Public Health
Reported Entity: SAINT AGNES MEDICAL CENTER
Issue:
Based on staff interview and administrative document review the Hospital failed to keep Protected Health Information (PHI) confidential when Patient 1's non-diagnostic baby ultrasound compact disc was mistakenly given to Patient 2's responsible party.This failure placed Patient 1's PHI at potential risk for unauthorized use.Findings:On 11/6/12 at 9:10 a.m., during an interview, Staff 1 (Privacy Officer) stated Patient 1's non-diagnostic 4D baby ultrasound compact disc (CD) was mistakenly given to Patient 2's Responsible Party. Staff 1 stated Patient 1's Responsible Party was informed of the breach of PHI by a mailed letter. The CD included Patient 1's name, medical record number, and baby picture.The hospital policy and procedure titled " Privacy and Confidentiality Policy " effective date 9/17/09, indicated: "[Hospital] recognizes the importance of safeguarding all confidential information and values the privacy of our patients... Access and distribution of confidential information is limited to authorized individuals in the performance of normal job-related functions. Accessing, distributing, or using Confidential Information for any purpose other than performing normal job-related functions is a violation of this policy."
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights