HIPAA Helper »
Ukiah Valley Medical Center »
Jun 13, 2012

This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.

Ukiah Valley Medical Center

275 HOSPITAL DRIVE UKIAH,CA 95482

Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on June 13, 2012. Also cited in 31 other reports.

Report ID: I3TJ11.01, California Department of Public Health

Reported Entity: UKIAH VALLEY MEDICAL CENTER/HOSPITAL D

Issue:

Based on staff interview and facility record review, the facility failed to ensure that patient health information (PHI) was safeguarded from unauthorized use for three patients (Patient 1, Patient 2 and Patient 3) when two patient accounts were billed to the incorrect employer and one patient account was billed and sent to the wrong address. Findings: On 5/31/12 at 8 a.m., the California Department of Public Health received a faxed report from the facility that three breaches of PHI had occurred on 5/25/12, and the facility had become aware on 5/30/12.During an interview on 6/13/12 at 1:30 p.m., Administrative Staff A stated the facility owned an out-patient office, (JOB CARE), which provided pre-employment screenings, and Workman Compensation cases for contracted employers. Administrative Staff A stated that on 5/25/12, Patient 1 and Patient 2's (both employed by Federal Express Ground) billings were sent to the wrong department of Federal Express. The billing information contained both Patient 1 and Patient 2's names, account numbers, and type of service. The billing office notified the facility, and the billing was corrected. Letters were sent to both Patient 1 and Patient 2 on 5/31/12, informing them of the breach.Administrative Staff A stated on 5/25/12, Patient 3's billing information was sent to the wrong department of Federal Express and the wrong address. The billing information included Patient 3's name, account number, and type of visit. Patient 3 was notified of the breach by letter on 5/31/12. Administrative Staff A stated after the billing was corrected, the involved staff decided to put a new billing system in place to prevent future incidents, as above, from occurring.

Outcome:

Deficiency cited by the California Department of Public Health: Health & Safety Code 1280

Related Reports:

1 other violation reported on the same date. Note that other citations may be about the same event: T86T11.01

Do you believe your privacy has been violated? Here’s what you can do: