Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
EL CENTRO REGIONAL MEDICAL CENTER
Cited by the California Department of Public Health for violations of California’s Health and Safety Code relating to medical privacy during an inspection that began on March 13, 2012. Also cited in 38 other reports.
Report ID: PSEO11.02, California Department of Public Health
Reported Entity: EL CENTRO REGIONAL MEDICAL CENTER
Issue:
Based on interview and record review, the hospital failed to safeguard protected health information (PHI- is any information about health status, provision of health care, or payment for health care that can be linked to a specific individual) from unauthorized person(s) in accordance with their policies and procedures, for 1 of 1 sampled patients (Patient 1). Patient 1's Emergency Department (ED) discharge instructions were given to the wrong patient.Findings: On 2/27/12 at 8:23 A.M., the hospital reported to the Department that Patient 1's ED (Emergency Department) discharge instructions were inadvertently given to the wrong patient.A review of the Patient 1's medical record was conducted with the privacy officer on 3/13/12 at 10:50 A.M. Patient 1 was admitted to the hospital's ED on 2/16/12 and discharged on 2/16/12, per the face sheet. According to Patient 1's ED discharge instructions dated 2/16/12, there were 3 pages that contained the following confidential patient information: name, medical record number, account number, diagnosis, physician name, discharge instructions, follow-up instructions and prescriptions.A telephone interview with the registered nurse (RN 1) was conducted on 3/13/12, at 11:08 A.M. RN 1 stated that discharge instructions were generated by the physician. She stated that she recalled having 3 to 4 discharge instructions in her hands for multiple patients she was discharging. She stated that she was not aware that she had given Patient 1's discharge instructions to the wrong patient. She acknowledged that she did not follow the hospital's policy that required staff to double-check documents containing confidential patient information prior to releasing them to the patient.A review of the hospital's policy entitled "Access to and Maintenance of the Health Record," last review date of 7/21/11, was conducted on 3/13/12. The policy stipulated that, "All individuals engaged in the collection, handling or dissemination of patient health information should protect the confidentiality of patient data." Per the same policy, it indicated that, "The collection of any data relative to a patient whether by interview, observation or review of documents shall be conducted in a setting, which provides maximum privacy and protects the information from being accessed by an unauthorized individual." An interview with the Director of ED (DED) was conducted on 3/13/12, at 1:04 P.M. The DED acknowledged that RN 1 did not follow the hospital's policy related to authorized disclosures of health records. She stated that Patient 1's discharge instruction was given to the wrong patient.
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights