Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Scripps Mercy Hospital
Cited by the California Department of Public Health for violations of California’s Health and Safety Code relating to medical privacy during an inspection that began on October 16, 2013. Also cited in 72 other reports.
Report ID: P8P911.02, California Department of Public Health
Reported Entity: SCRIPPS MERCY HOSPITAL
Issue:
Based on interview and record review, the hospital failed to observe the patient's right to confidential treatment of medical record information. One sampled patient's Emergency Department (ED) electronic medical record information was accessed and viewed by a nurse aide without an approved need for access, and without the patient's authorization (Patient 1). Findings:An onsite visit of the hospital was conducted on 10/24/13 in response to a hospital report whereby a nurse aide made an unauthorized access of the electronic medical record belonging to Patient 1. The particular nurse aide was never assigned to this patient, and had not provided direct care to this patient.On 10/24/13 beginning at 2:35 P.M., an interview was conducted with the director of patient relations and risk management. She indicated that during a review of the incident log record, an incidental finding showed Patient 1's ED electronic medical record was accessed and viewed during the hours of 7/06/13 from 11:10 P.M. to 7/07/13, 12:15 A.M. The work schedule confirmed the nurse aide worked during these hours, and the log record showed her name as the person who had made the access to the the electronic medical record belonging to Patient 1. The director had also indicated that the nurse aide had admitted to the unauthorized access to the entire list of ED patients on 7/06/13, including the access and viewing of Patient 1's medical record. She added that as a result, the nurse aide was terminated from her job.The protected medical record information that were accessed and viewed without Patient 1's authorization included the ED physician dictated examination report, patient complaints, treatment provided, medical record number, age and date of birth. The unauthorized access was in violation of Patient 1's right to confidential treatment of all communications and record pertaining to the health care she received in the Emergency Department on 7/06/2013.
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights