Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
RIVERSIDE COUNTY REGIONAL MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on July 15, 2014. Also cited in 123 other reports.
Report ID: J22Y11, California Department of Public Health
Reported Entity: RIVERSIDE COUNTY REGIONAL MEDICAL CENTER
Issue:
Based on interview and record review, the facility failed to prevent unauthorized disclosure of protected health information (PHI) for one patient (Patient 1) when another patient (Patient 2) was discharged from the Emergency Department (ED) with identification stickers belonging to Patient 1. This failed practice resulted in the potential for physical, emotional, and financial harm to Patient 1.Findings:During an interview with the facility Privacy Officer (PO) on July 15, 2014, at 9:20 a.m., the PO stated when Patient 2 was discharged from the ED on July 8, 2014, the discharge documents given to Patient 2 (two pages) had patient identification stickers on them that belonged to patient 1.A review of the documents given to Patient 2 indicated the following PHI belonging to Patient 1 was included on them:1. Name;2. Date of birth;3. Sex;4. Date of ED visit;5. Medical record number; and,6. Account number.Failure to verify the documents had the correct information on them, prior to discharging Patient 2 with them, resulted in disclosure of PHI to person(s) not authorized to have it.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280