Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
EISENHOWER MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on July 2, 2014. Also cited in 279 other reports.
Report ID: MVW611, California Department of Public Health
Reported Entity: EISENHOWER MEDICAL CENTER
Issue:
Based on interview and record review, the facility failed to ensure Patient A's private health information was protected from misuse by unauthorized entities when the patient's information was faxed to an unauthorized recipient. This failure to ensure patient information was sent to the appropriate receiver put Patient A at risk for misuse of private health information.Findings:An interview was conducted with the facility's Deputy Information Privacy Officer (DIPO) on July 2, 2014, at 11 a.m. The DIPO stated a surgery order form, containing Patient A's name and date of birth, was inadvertently faxed to the incorrect hospital. A record review was conducted of a report sent to the department dated, July 1, 2014. The report indicated,"Date incident discovered, June 27, 2014...A surgery order form containing the patient's name and date of birth was inadvertently faxed to the incorrect hospital..."A review of a copy of the letter sent to Patient A indicated, "...the purpose of this letter is to notify you that a surgery order form containing your name and date of birth was inadvertently faxed to the incorrect hospital. The unintended recipient hospital notified EMC of the error and agreed to destroy the document." A review of the facility policy and procedure titled "Faxing Protected Health Information," dated, March 21, 2013, indicated, all PHI sent or received shall be protected against unauthorized disclosure to third parties. The policy indicated,"Sending Information: Whenever possible, staff faxing Protected Health Information shall:1. Telephone the receiving facility to inform them that Protected Health Information is being faxed, confirm the fax number...2. Reconfirm the destination fax number prior to transmission by checking to telephone number displayed on the fax machine screen before transmitting it.3. Confirm the success of transmission by calling the intended recipient or by checking the fax transmittal report..."
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280