Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
ST JUDE MEDICAL CENTER
Cited by the California Department of Public Health for violations of California’s Health and Safety Code relating to medical privacy during an inspection that began on December 9, 2011. Also cited in 29 other reports.
Report ID: NCGY11.03, California Department of Public Health
Reported Entity: ST JUDE MEDICAL CENTER
Issue:
Based on interview and review of hospital documents, the hospital failed to prevent the disclosure of protected health information (PHI) to unauthorized individual(s) and/or entity(ies) for Patient T. In addition, the hospital failed to notify the Department of the breach of PHI belonging to Patient T within five business days.Findings:Hospital documentation showed a breach of Patient T's PHI was discovered on 3/11/11. The hospital investigation showed Patient T was registered for an Emergency Department visit. During the registration process, Workmans Compensation was put into the system as the patient's insurance. However, the visit to the Emergency Department was personal and not work related. As the patient was registered incorrectly under Workmans Compensation insurance, Patient T's employer received PHI related to the patient's personal Emergency Department visit. Patient T's PHI included name, date of birth, medical record number, date of service and a bill for services rendered. The hospital was aware of Patient T's breach of PHI on 3/11/11. The Department was made aware of the breach on 3/21/11.On 4/6/12 at 0930 hours, during a telephone interview the hospital's Manager of Regulatory Compliance agreed with the above information provided by the hospital.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280