WATSONVILLE COMMUNITY HOSPITAL

Report ID: 6LCN11.01, California Department of Public Health

Reported Entity: WATSONVILLE COMMUNITY HOSPITAL

Issue:

Based on interview and record review, the hospital failed to prevent the unauthorized disclosure of protected health information (PHI) for Patient 1, when Patient 1's PHI was given to another patient upon discharge. The failure resulted in the disclosure of Patient 1's PHI to an unauthorized individual. Findings:The California Department of Public Health received a faxed report on 4/9/13, which indicated the Same Day Discharge Instructions, medication lists, pictures from a surgical procedure, and prescription for Patient 1 were inadvertently given to Patient 2 upon her discharge. A hospital internal investigation revealed the discharging staff member did not review the documents to verify the patient information was correct prior to releasing the documents. The documents which contained Patient 1's date of birth, type of procedure, and medications were returned to the hospital.During an interview on 1/16/15 at 1 p.m., the facility privacy officer (FPO) stated on 6/2/14, a hospital staff member had inadvertently given Patient 1's discharge instructions to Patient 2, which contained his name, date of birth, medical record number, sex, age, admit date, four sheets of pictures taken during surgery, prescription, and three pages of discharge information. FPO stated Patient 2's caregiver noticed Patient 2 had some wrong documents, spoke with FPO on 6/5/14, and notified her of the error. FPO stated Patient 2's caregiver mailed Patient 1's information back to the hospital. FPO opened the package and confirmed the documents were intended for Patient 1.A review of a copy of the incorrect documents which were mailed back to the hospital indicated a Same Day Surgery Discharge Instruction document disclosing Patient 1's name, admit date, medical record number, doctor's name, date of birth, age, and sex, three pages of discharge information and instructions which disclosed the surgical procedure, post-surgical instructions, and medication; a Medication Reconciliation Physician Orders document which disclosed medication allergy, medications and dosage, name, hospital name, date of birth, age, medical record number, and date of service; a Discharge Prescription Order document disclosing medication and dosage, name, name of hospital, admit date, medical record number, physician's name, date of birth, age, and sex; and four pages of pictures (13 total pictures) of the surgical procedure which also disclosed Patient 1's name, hospital name, admission date, medical record number, physician's name, date of birth, age, and sex.A review of a copy of a letter dated 6/9/14 from the hospital to Patient 1 indicated Patient 1's PHI had been inadvertently disclosed during the discharge process of Patient 2, when copies of Patient 1's Same Day Discharge Instructions, medications, and pictures from his surgical procedure had been given to Patient 2. The hospital had determined a staff member discharging Patient 2 did not verify the patient name and information on each page prior to giving the documents to Patient 2.A review of a copy of the hospital's 12/2012 "Confidentiality" policy indicated PHI will be maintained in a manner which restricts access to those with a need-to-know.A review of a copy of the hospital's 08/2003 "Patient Identification, Assuring Accuracy" policy indicated to prevent a possible error in patient identification....two patient identifiers are used....care worker will utilize at least two identifiers to validate the identity of the patient.

Outcome:

Deficiency cited by the California Department of Public Health: Health & Safety Code 1280

Related Reports:

2 other violations reported on the same date. Note that other citations may be about the same event: 8S0K11.01, C38F11.01