EISENHOWER MEDICAL CENTER

Report ID: QFDL11.01, California Department of Public Health

Reported Entity: EISENHOWER MEDICAL CENTER

Issue:

Based on interview and documents review, the facility failed, for one patient (Patient A), to ensure that Protected Health Information (PHI) was not disclosed to an entity not authorized to receive the information. This failed practice had the potential to result in medical identity theft and/or fraud. Findings:On March 12, 2012, an investigation regarding unauthorized disclosure of Patient A's PHI was conducted. On May 15, 2013, at 9:37 a.m., a follow up phone call was made to the facility. A phone interview with the Executive Secretary (ES) was conducted. The ES stated on December 1, 2011, an employee of the medical information company unintentionally faxed four pages of Patient A's physician progress notes to an attorney office without authorization from Patient A. The PHI included in the physician progress notes were patient's name, date of birth, patient's health history and diagnoses. The attorney office staff informed the medical information company about the mistake on January 6, 2012. The attorney office staff told the medical information company that they had shredded the documents. On May 15, 2013, a review of facility documents included:a. Four pages of Patient A's physician progress notes and one page of drug dispensing record. The PHI included Patient's name, date of birth, sex, age, identity number, address, phone number, allergies, Patient A's health history and diagnoses. b. A letter addressed to Patient A, dated January 13, 2012, indicated the facility notified Patient A of the privacy breach.

Outcome:

Deficiency cited by the California Department of Public Health: Health & Safety Code 1280

Related Reports:

2 other violations reported on the same date. Note that other citations may be about the same event: LOIQ11.01, P28B11.01