Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
DOCTORS MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on July 12, 2013. Also cited in 64 other reports.
Report ID: BETG11, California Department of Public Health
Reported Entity: DOCTORS MEDICAL CENTER
Issue:
Based on staff interview and administrative document review, the hospital failed to keep Protected Health Information (PHI) confidential when:1. Patient 1's medical information was given to another unauthorized patient. (refer to CA00344356)2. Patient 2's x-ray report was given to another unauthorized patient. (refer to CA00344360)3. Patient 3's discharge belongings were given to another unauthorized patient. (refer to CA00317942)These failures resulted in not protecting the PHI for Patient's 1, 2 and 3 and had the potential for unauthorized use. Findings: Refer to CA003443561. On 9/20/13 at 4 p.m., during an interview, the Hospital Compliance Officer (HCO) stated Patient 1's PHI was included in the discharge paperwork of an another patient who returned the paperwork to the HCO on 2/20/13.Review of the medical record indicated the following information was given to the wrong patient: a pacemaker implant record which included name of Patient 1. A letter was mailed to Patient 1 notifying him of the breach.The (Hospital) Policy and Procedure titled, Record Processing and Information Handling dated 9/16/13, III. Standard: A. Record Processing indicated; "Protected health information (PHI)...whether electronic or paper format, shall be protected from unauthorized disclosure...dissemination...It is expected all Users will maintain the confidentiality of this information."Refer to CA00344360 2. On 9/20/13 at 3:55 p.m., during an interview, the Hospital Compliance Officer (HCO) stated Patient 2's PHI was breached when an x-ray report was given to another patient on 2/18/13. Review of the medical record indicated an x-ray report with Patient 2's name was placed in the discharge information of another patient. A letter was sent to Patient 2 regarding the breach. The (Hospital) Policy and Procedure titled, Record Processing and Information Handling dated 9/16/13, III. Standard: A. Record Processing indicated; "Protected health information (PHI)...whether electronic or paper format, shall be protected from unauthorized disclosure...dissemination...It is expected all Users will maintain the confidentiality of this information."Refer to CA003179423. On 9/20/13 at 4:00 p.m., during an interview, the Hospital Compliance Officer (HCO) stated Patient 3's PHI was breached when his discharge belongings were given to another patient on 7/5/13.Review of the medical records indicated the discharge belongings included; the Patient 3's visa/debit card, bus tickets, social security card, discharge certificate, cash and another ID card. The breach occurred when a nurse labeled Patient 3's property with another patient's name and gave the property to the other patient when he was discharged. Patient 3 was notified of the breach 7/21/12 by certified letter.The (Hospital) Policy and Procedure titled, Patient's Personal Property dated 12/22/10, Purpose: To delineate the procedure to ensure the safety of personal valuables...Procedure I. "Personal belongings: A. At the time of admission,...items remaining with the patient are to be documented in detail in the electronic Nursing Admission Assessment...D. When patients are admitted to Critical Care areas: clothing and valuables are to be bagged and sent home with family...if available."
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights