Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
SAN JOAQUIN COMMUNITY HOSPITAL
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on July 21, 2011. Also cited in 8 other reports.
Report ID: TF9I11, California Department of Public Health
Reported Entity: SAN JOAQUIN COMMUNITY HOSPITAL
Issue:
Based on interview and record review, the hospital failed to:1. Protect the medical information of Patient 1 when the hospital allowed an outside and unauthorized observer in the operating room (OR) during her surgery, which had the potential to adversely affect her care and privacy. 2. Protect the medical information of Patient 2 when the hospital allowed Chaplain A to access the medical information of his family member, which had the potential to adversely affect her privacy. Findings:1. During a concurrent interview and clinical record review for Patient 1 with the privacy Officer (PO) on 7/21/11 at 9:47 AM, she stated she investigated the incident and found the Surgeon did not document a consent for the Observer to be present in the OR before Patient 1's operation on 6/23/11. The hospital form titled "Authorization for Consent to Surgery or Special procedure" dated 6/23/11 and signed by Surgeon A, Surgeon B, and Registered Nurse (RN) 1, did not indicate the Observer would be in the OR during Patient 1's operation. The PO stated the hospital had a special form that needed to be filled out and consent given before the observer would be allowed in the OR. The clinical record contained a hospital document titled "Request for Presence of Observer During Childbirth/Surgical/Medical Procedure" and was signed by Patient 1's family member on 7/7/11, fourteen days after her operation. This document indicated the hospital received it via fax on 7/13/11, twenty days after Patient 1's operation. The hospital document titled "Intraop (intraoperative) Record" dated 6/23/11, indicated the Observer was present for 25 minutes in the OR during Patient 1's operation. All these findings of Patient 1's clinical charts were verified by the PO. During an interview with RN 1 on 8/11/11 at 4 PM, she stated she was present during Patient 1's operation on 6/23/11. She stated she witnessed Surgeon A and Surgeon B sign a consent for Patient 1's operation. She stated there was not a consent for an observer in Patient 1's clinical record. She stated Surgeon A stated he had received a verbal consent from Patient 1's family member for the operation but did not say anything about a consent for an observer. RN 1's account of the events was as follows: Patient 1 was unconscious when she was brought into the OR. While the staff was setting up the OR for the operation, Surgeon A, Surgeon B, and the Observer entered. Surgeon A did not tell anyone who the Observer was or why he was there. After the operation had begun, RN 1 asked to Observer who he was so she could add him to the OR record. The Observer stated his name but RN 1 could only understand his last name. When she asked the Observer again, Surgeon A stopped the operation and told RN 1 he would talk to her about it later and resumed the operation. RN 1 felt that because the operation for Patient 1 was an emergency situation to save her life, RN 1 would not pursue the identification of the Observer. Surgeon A left while Surgeon B closed the operation wounds and did not discuss the incident with RN 1. RN 1 reported the incident to her manager. During an interview with the PO on 7/26/11 at 8:40 AM, she stated the hospital does not have a policy and procedure for identifying persons present in the OR during an operation or for observers. She stated that there was only the request from for observing and medical intervention but the expectation was the request form needed to be completed before an observer was allowed to view a patient's operation. The American Medical Association policy E-5.0591 titled "Patient Privacy and Outside Observers to the Clinical Encounter," dated 2010, read: "Outside observers are individuals who are present during patient-physician encounters and are neither members of a health care team nor enrolled in an educational program for health professionals such as medical students. Physicians are ethically and legally responsible for safeguarding patient privacy and, therefore, must inform outside observers about medical standards of confidentiality and require them to agree to these standards. Outside observers may be present during the medical encounter only with the patient's explicit agreement. Physicians should avoid situations in which an outside observer's presence may negatively influence the medical interaction and compromise care." 2. During a concurrent interview and clinical record review for Patient 2 with the PO on 7/21/11 at 10:20 AM, she stated Chaplain A accessed Patient 2's (who was a family member) computer medical record while he was visiting her. She stated this was verified after she was notified by staff about the incident which happened on 7/6/11. She stated the hospital chaplains have access to patients' complete computerized medical records when they log on to enter notes about their visits with patients. The document found in Patient 2's computerized medical chart titled "Chaplain Care," dated 7/6/11, at 3:18 AM indicated Chaplain A had accessed Patient 2's medical records and wrote "This is my Family. I would like to see ?????????." The employee file for Chaplain A was reviewed on 7/21/11 at 10:40 AM. His transcripts for the training he received at the hospital indicated he had health information privacy training on 8/27/08, 12/10/08, and 12/4/10. During an interview with Chaplain B on 7/21/11 at 11:30 PM, he stated unless a chaplain has been called in to see a patient, he should not be accessing their medical record. He stated the chaplains have access to the whole medical record when they access a patient's computerized medical record. He stated he had confirmed Chaplain A had not been called by the hospital staff to see Patient 2 and he would not expect a chaplain to access family members' medical records. During an interview with Chaplain A on 8/1/11 at 4:15 PM, he stated his family members called him to come to the hospital to see Patient 2. He stated his family members were upset about the care Patient 2 was receiving from the staff. He stated he accessed Patient 2's computer record to put a note into her medical record so the staff would be nice to her. He stated, "I guess that was the wrong thing to do." He stated he did have access to the whole computerized medical record for Patient 2 and he had received health information privacy training at the hospital. During an interview with RN 2 on 8/11/11 at 4:50 PM, she stated Chaplain A came to see Patient 2 because she was a family member. She stated she saw him sitting at the hospital computer and accessing a medical record on the night of 6/23/11, but she could not see if it was Patient 2's. The hospital policy and procedure titled "Confidentiality of Protected Health Information," dated 11/14/08, read: "Persons may not access, receive or view information about patients, employees, or business matters which is not required in the performance of job duties or contractual obligations."
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights