Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
UNIVERSITY OF CALIFORNIA SAN FRANCISCO MEDICAL CENTER
Cited by the California Department of Public Health for violations of California’s Health and Safety Code relating to medical privacy during an inspection that began on February 10, 2014. Also cited in 108 other reports.
Report ID: Y0O211.02, California Department of Public Health
Reported Entity: UCSF MEDICAL CENTER
Issue:
Based on interview and record review the facility failed to safeguard the individually identifiable information of patients when the patient's consult letter for two patients was faxed to the incorrect healthcare provider and one patient's visit summary was handed to another patient.Findings:1. CA 00384951In an interview on 2/10/14 at 2:00 PM Privacy Analyst 1 (PA1) stated that on 1/14/14 a medical consultation letter containing patient name, medical record number, date of birth, date of visit, medications taken, and medical history was faxed to the wrong healthcare provider. PA1 said the department clerk chose the incorrect referring provider and faxed the consult. The consult was faxed back later in the day (no cover sheet) with a note stating the incorrect provider had been faxed. PA1 said employee was counseled on the importance of using two identifiers for each communication.Record review indicated consult addressed to correct healthcare provider consult was faxed back later in the day (no cover sheet) with a notation, "1/14/14 - Not our patient". Review of original appointment made 9/3/13 indicated referring provider was incorrectly entered and multiple changes/edits prior to appointment did not address referring physician verification.2. CA 00384981In an interview on 2/10/14 at 2:30 PM Privacy Analyst 1 (PA1) stated that on 1/14/14 a medical consultation letter containing patient name, medical record number, date of birth, date of visit, medications taken, and medical history was faxed to the wrong healthcare provider. PA1 said the department clerk chose the incorrect referring provider from a drop-down window and faxed the consult. PA1 said clerk received re-training on importance of checking names especially in patients/physicians with common names to ensure proper transmittal of information.Record review indicated the name of the provider who was faxed the healthcare information had the same first and last name with a different indentifying middle name and a different type of medical practice. The fax was sent back to the facility on 1/16/14 at 10:21AM with a notation "Not our pt!".3. CA 00385079In an interview on 2/10/14 at 2:50 PM Privacy Analyst 1 (PA1) stated that on 1/14/14 a medical consultation summary containing patient name, medical record number, date of birth, date of visit, medications taken, and medical history was given to the wrong patient. PA1 said that on 1/17/14 Medical Practitioner 1 (MP1) printed out the information of Patient 1 (P1) and instructed staff 1 (S1) to hand consult to Patient 2 (P2). Staff 1 did not check the consult or identify the patient receiving the consult to ensure appropriate delivery to correct patient. PA1 said that P2 called the facility and reported the incorrect paperwork had been given to him, which he had not noticed until after he returned home.
Outcome:
Deficiency cited by the California Department of Public Health: Medical Record Availability