HIPAA Helper »
RIVERSIDE COUNTY REGIONAL MEDICAL CENTER »
Jan 15, 2014

This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.

RIVERSIDE COUNTY REGIONAL MEDICAL CENTER

26520 CACTUS AVENUE MORENO VALLEY,CA 92555

Cited by the California Department of Public Health for violations of California’s Health and Safety Code relating to medical privacy during an inspection that began on January 15, 2014. Also cited in 123 other reports.

Report ID: YDT911.01, California Department of Public Health

Reported Entity: RIVERSIDE COUNTY REGIONAL MEDICAL CENTER

Issue:

Based on interview and record review, the facility failed to protect Patient 1's protected health information (PHI) from unauthorized disclosure. Patient 1's discharge instructions were given to the parents of an adult patient without her permission. This resulted in the potential for misuse of Patient 1's PHI. Findings:On January 15, 2014, at 2 p.m., the Administrative Services Officer (ASO) was interviewed. The ASO stated Patient 1(an adult patient) was discharged from the facility on June 17, 2013. The ASO stated the parents of Patient 1 returned to the facility on June 18, 2013, stating Patient 1 had not received discharge instructions, and requested a copy of them. The ASO stated Nurse 1 went to Medical Records, pulled the record, made copies, and supplied the copies to the parents. The ASO stated staff are not allowed to make copies of a medical record once the Patient has been discharged. In addition, the ASO stated Nurse 1 should not have supplied Patient 1's discharge instructions to anyone else without Patient 1's permission.The discharge instructions for Patient 1 was reviewed. The discharge instructions contained Patient 1's name, date of birth, medical record number, diagnosis, medications prescribed, a brief summary of treatment and tests rendered.A review of the facility policy, "Patient Privacy, Confidentiality, Medical Records, And Access To, Or Release Or Disclosure Of, Patient Information, (Revised Date: 01/02/09)," indicated, "(The facility) and its personnel shall reasonably safeguard confidential medical information from any unauthorized access or unlawful access use, or disclosure."

Outcome:

Deficiency cited by the California Department of Public Health: Health & Safety Code 1280

Related Reports:

The report containing this deficiency also includes information about 2 other violations. Note that these may be related to the same event: YDT911.02, YDT911.03

2 other violations reported on the same date. Note that other citations may be about the same event: 7W7L11.01, H1FZ11.01

Do you believe your privacy has been violated? Here’s what you can do: