This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.

EISENHOWER MEDICAL CENTER

39-000 BOB HOPE DRIVE RANCHO MIRAGE,CA 92270

Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on April 3, 2014. Also cited in 279 other reports.


Report ID: WS8211, California Department of Public Health

Reported Entity: EISENHOWER MEDICAL CENTER

Issue:

Based on interview and record review, the facility failed to ensure the PHI (protected health information) for one patient (Patient A) remained confidential. This failure resulted in the unauthorized disclosure of Patient A's PHI to an unintended recipient.Findings:An interview was conducted with the facility's Information Privacy Officer (IPO) on April 3, 2014, at 9:30 a.m. The IPO stated on March 13, 2014, photos containing Patient A's name and medical record number were inadvertently handed to the wrong patient. The IPO stated facility staff selected the wrong name when printing, and the staff did not verify the patient's name before handing it to Patient B. A review of the letter sent to Patient A on March 19, 2014, indicated "The purpose of this letter is to notify you that a portion of your medical record, specifically exam images containing your name and medical record number were inadvertently handed to another patient. The unintended recipient notified the facility of the error and agreed to return the documents."The facility policy and procedure titled "Information Privacy" reviewed/revised December 19, 2011, revealed "... (facility name) will take all necessary steps to avoid unauthorized or unlawful access, use or disclosure of protected health information ..."A policy titled "Patient Identification Policy and Procedure," with a last reviewed/revised date of January 3, 2011, was reviewed on March 4, 2014. The policy indicated it was an organization-wide policy and it applied to all services and care settings. The policy indicated patient identification must be performed utilizing at least two identifiers: first and last name, date of birth or medical record number.

Outcome:

Deficiency cited by the California Department of Public Health: Health & Safety Code 1280

Do you believe your privacy has been violated? Here’s what you can do: