Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
SHARP CHULA VISTA MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on August 7, 2013. Also cited in 46 other reports.
Report ID: QNI311.01, California Department of Public Health
Reported Entity: SHARP CHULA VISTA MEDICAL CENTER
Issue:
Based on interview, document and record review, the hospital failed to ensure that one patient's (Patient A) protected health information (PHI) was kept confidential and not disclosed to another health care provider without Patient A's prior authorization.Findings:An on site investigation of an entity reported privacy breach was initiated on 8/7/13, after the hospital reported to the California Department of Public Health that a Register Nurse Case Manager (RN 1) inadvertently provided a referral request for home infusion, with the wrong patient's (Patient A) laboratory results and PICC line (peripherally inserted central catheter - a form of intravenous access that can be used for a prolonged period of time) information.On 11/15/13 at 3:00 P.M., an interview was conducted with RN 1. RN 1 stated that, on 7/15/13, she was working on arranging home antibiotic treatment for Patient B with an infusion company. While RN 1 was working on Patient B's referral when she was interrupted by a phone call regarding Patient A. After the phone call, RN 1 continued working on Patient B's referral and inadvertently sent Patient A's laboratory results and PICC line information to the home infusion center.The laboratory results and PICC line information contained the following personal and protected health information belonging to Patient A:1. Patient's Name2. Medical Record Number3. Complete Blood Count Results4. Six Sets of Vital Signs (temperature, pulse, blood pressure, respirations and oxygen saturation)5. PICC Line Insertion Procedure ReportA review of the hospital's policy and procedure, entitled "Confidentiality of Information" and dated 8/12, indicated that "Safeguarding of Information: Sensitive information collected and/or generated within [name of hospital] shall be maintained in such a manner that access to it is restricted to those who need to know. Information will be restricted to those with a legal right under authorization, those participating in treatment, payment, healthcare operations and as mandated by state and federal laws in accordance with [name of hospital]'s policies."An interview was conducted with the Nurse Manager of Case Management and Social Services (NM) The NM stated that it was her expectation that Registered Nurse Case Managers should open the electronic attachment, regarding a patient, prior to the electronic transmittal of the attachment to check for the correct patient's name and account number.During the interview with RN 1, RN 1 stated that she did not "do the double check." RN 1 acknowledged that she was not following the hospital's policy and procedure to safeguard patient's personal and protected health information.
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights