REDLANDS COMMUNITY HOSPITAL

Report ID: SKDH11, California Department of Public Health

Reported Entity: REDLANDS COMMUNITY HOSPITAL

Issue:

Based on interview and record review, the facility failed to ensure the confidential treatment of Patient B's protected health information (PHI), when an Emergency Department Registered Nurse (RN 1) released the discharge paperwork for Patient B to Patient A upon discharge from the emergency department (ED). This resulted in a breach of PHI for Patient B.Finding:On September 19, 2014 at 09:55 AM a phone interview was conducted with the Health Information Management Privacy Officer (HIMPO) regarding an entity reported incident of a breach of PHI for Patient B, on September 2, 2014. The HIMPO stated the procedure for discharging a patient from the ED is to double check every page of the document for name verification. Double identifiers are to be used upon discharge; patient medical record number and patient's first and last name are to be verified. During a review of the documentation that had been given to Patient A, the paperwork included Patient B's Discharge Summary which contained Patient B's name, account number, unit number, date of birth, age, sex, patient visit information and medication list.A review of the facility policy and procedure titled, "Patient Privacy and Security," not dated, indicated under section "Policy," "All Departments will be responsible for the protection of the confidentiality of PHI and sensitive information."The failure to ensure the discharge paperwork contained only Patient A's PHI resulted in the unauthorized release of Patient B's PHI to Patient A.

Outcome:

Deficiency cited by the California Department of Public Health: Patients' Rights