Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
RIVERSIDE COUNTY REGIONAL MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on April 2, 2014. Also cited in 123 other reports.
Report ID: JHM911.01, California Department of Public Health
Reported Entity: RIVERSIDE COUNTY REGIONAL MEDICAL CENTER
Issue:
Based on interview and record review, the facility failed to prevent the unauthorized disclosure of Protected Health Information (PHI) for one patient, Patient A, when a Registered Nurse (RN) gave a information document intended for Patient A to another patient, Patient B. This failed practice had resulted in Patient B having access to the PHI of Patient A, and the potential for the misuse of Patient A's PHI.Findings:On April 2, 2014, at 1:25 p.m., a phone investigation was conducted for an entity reported incident investigation. In a concurrent interview with the Administrative Services Officer (AS0), the ASO stated on March 13, 2014, she was informed a document that indicated child safety seat information intended for Patient A was given to Patient B.The ASO stated the facility's policy and procedure regarding the use of two patient identifiers prior to the release of documents, was not followed. The record document intended for Patient A and provided for Patient B was reviewed. The document titled ""Child Safety Seat Information" dated March 3, 2014, was stamped with Patient A's name, date of birth, account, and medical record numbers.The facility policy and procedure titled "Patient Identification" dated May 23, 2012, indicated "Use at least two patient identifiers when providing care, treatment, or other services..."The facility policy and procedure titled "Patient Privacy: HIPPA" dated August 27, 2013, indicated "Maintain the highest level of confidentiality for all protected health information...Protected Health Information (PHI) is defined as verbal, written, or electronic information...Such as name..medical record number...information about the patient's medical condition..diagnostics, testing, treatment..."
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280