Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
MERCY HOSPITAL OF FOLSOM
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on May 19, 2014. Also cited in 11 other reports.
Report ID: MVLG11.01, California Department of Public Health
Reported Entity: MERCY HOSPITAL OF FOLSOM
Issue:
Based on staff interview and record review, the facility failed to prevent unauthorized access to patient medical information. A return to work information notice for Patient 1 was unintentionally labeled with Patient 2's label containing the name, date of birth, and medical record number.Findings:The Department received an entity reported incident dated 6/12/13 that the facility detected a potential event of unauthorized disclosure of patient medical information. A return to work information notice for Patient 1 was unintentionally labeled with Patient 2's label, which contained the name, date of birth, and medical record number. The Regional Privacy Officer was interviewed on 5/20/14 at 9:10 a.m. She stated that the Privacy Office directs investigation and the department manager conducts privacy breach investigations. A concurrent interview with the Vice President of Ancillary & Support Services stated that this was an unintended mislabeling of a return to work document. Review of the facility investigation revealed that Patient 1 shredded the information immediately and contacted the Privacy Line regarding the incident and requested a new return to work form.The CDPH verified that the hospital informed the Department within the mandated time frame.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280