Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
SOUTH COAST GLOBAL MEDICAL CENTER
Cited by the California Department of Public Health for violations of California’s Health and Safety Code relating to medical privacy during an inspection that began on October 9, 2013. Also cited in 43 other reports.
Report ID: PR3G11.03, California Department of Public Health
Reported Entity: COASTAL COMMUNITIES HOSPITAL
Issue:
Based on interview and record review, the hospital failed to prevent the unauthorized disclosure of Patient A's Protected Health Information (PHI). Additionally, the hospital failed to notify the Department of the breach of Patient A's PHI within five business days of its knowledge of its occurrence.Findings: On 4/11/12, the Department received a copy of a letter from the hospital, dated 4/2/12, addressed to Physician 1. The letter showed the hospital informed the physician of an email received from Patient A's conservator, dated 3/26/12. The conservator stated she was recently informed by a family member that during Patient A's hospitalization, from 5/15/11 to 6/9/11, Physician 1 discussed Patient A's care and shared pictures from the patient's medical record with the conservator's family members without the conservator's permission. Review of hospital documentation showed the hospital was made aware of the breach on 3/27/12. On 4/11/12, a letter was received from Physician 1, dated 4/9/12, notifying the Department of the breach involving Patient A. On 12/18/12 at 1643 hours, in an electronic correspondence, the hospital's Compliance Officer verified the dates of this reported breach of PHI.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280