Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
DOCTORS MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on March 25, 2014. Also cited in 64 other reports.
Report ID: O8T311, California Department of Public Health
Reported Entity: DOCTORS MEDICAL CENTER
Issue:
Based on staff interview and administrative document review, the hospital failed to keep Protected Health Information (PHI) confidential when:1. Patient 1's medical information was given to an unauthorized individual. (refer to CA00392418)2. Patient 3's PHI was discussed in the presence of an unauthorized individual. (refer to CA00347961)3. Patient 4's medical information was given to an unauthorized individual. (refer to CA00351311)These failures resulted in not protecting the PHI for Patient's 1, 3 and 4 and had the potential for unauthorized use. Findings: Refer to CA003924181. On 4/11/14 at 3 p.m., during an interview, the Hospital Compliance Officer (HCO) stated, on 3/18/13 Registered Nurse 1 (RN 1) accidentally included Patient 1's PHI in the discharge information for Patient 2 which was then given to an unauthorized third party. Patient 1's PHI breached included: A valuables and clothing form with a list of belongings which included a watch and various articles of clothing and a diabetes medication discharge instruction sheet. Both records contained Patient 1's name, date of birth, medical record number, and doctor. The diabetic flow sheet included medications, instructions on medication administration and results of blood sugar tests. The (Hospital) Policy and Procedure titled, "Record Processing and Information Handling" dated 9/16/13, indicated; "Protected health information (PHI)...whether electronic or paper format, shall be protected from unauthorized disclosure...dissemination...It is expected all Users will maintain the confidentiality of this information."Refer to CA00347961 2. On 4/11/14 at 3:10 p.m., during an interview, the Hospital Compliance Officer (HCO) stated, on 3/19/13 Patient 3's Medical Doctor (MD) discussed her past medical history in front of an unauthorized third party. Patient 3 filed a complaint with the facility Patient Care Services Director. The (Hospital) Policy and Procedure titled, "Patient Information and Privacy Policy", dated 9/16/13, indicated; "Members of the (Hospital) Workforce will use and disclose PHI only as permitted...and when required with the patient's signed prior authorization...(Hospital) will not: Disclose any portion of the PHI that is not relevant to the patient's current condition and that could prove embarrassing to the patient..."Refer to CA003513113. On 4/11/14 at 3:15 p.m., during an interview, the Hospital Compliance Officer (HCO) stated, on 4/10/13 Patient 4's PHI was breached when a lab report was included in Patient 5's discharge information by Registered Nurse 2 (RN 2).Review of the medical records indicated Patient 4's lab report included: Name, date of service, medical record number and results of a complete blood count (CBC). The (Hospital) Policy and Procedure titled, Record Processing and Information Handling dated 9/16/13 indicated; "Protected health information (PHI)...whether electronic or paper format, shall be protected from unauthorized disclosure...dissemination...It is expected all Users will maintain the confidentiality of this information."
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights