EISENHOWER MEDICAL CENTER

Report ID: 7YYJ11.01, California Department of Public Health

Reported Entity: EISENHOWER MEDICAL CENTER

Issue:

Based on interview and record review, the facility failed to ensure Protected Health Information (PHI) for one patient (Patient 1) was protected from unauthorization disclosure when his information was mailed to the wrong address. This failure resulted in the unauthorized disclosure and the potential for misuse of Patient 1's PHI. Findings:An interview was conducted with the Deputy Information Privacy Officer on June 8, 2015, at 3:30 p.m. She stated, "A New Patient Packet containing Patient 1's name, address, date of birth, medical record number, and appointment date and time was mailed to an incorrect address on May 26, 2015. The unintended recipient notified us of the error and agreed to destroy the documents."Patient 1 was notified of the information privacy breach of his protected health information (PHI) via a letter dated and mailed on June 4, 2015, to his last known address.The California Department of Public Health (CDPH) was notified via a facsimile received on June 4, 2015, and a letter dated and mailed on June 4, 2015, of the unauthorized disclosure of Patient 1's medical information.A review of the facility's policy titled, "Information Policy," was conducted on June 9, 2015. The policy indicated, "...the facility will take all necessary steps to avoid unauthorized or unlawful access, use or disclosure of protected health information and to mitigate any harmful effect that is known to the facility of an unauthorized or unlawful access, use or disclosure of protected health information in violation of the facility's policies and procedures."

Outcome:

Deficiency cited by the California Department of Public Health: Health & Safety Code 1280

Related Reports:

1 other violation reported on the same date. Note that other citations may be about the same event: 4P6711.01