Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
EISENHOWER MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on May 15, 2014. Also cited in 279 other reports.
Report ID: M5K011, California Department of Public Health
Reported Entity: EISENHOWER MEDICAL CENTER
Issue:
Based on staff interview and record review, the facility failed to prevent the unauthorized access and/or disclosure of Patient A's private health information (PHI), when a document containing Patient A's information was inadvertently faxed to a residential fax number.This had the potential to result in the misuse of the Patient A's private health information.Findings:On May 15, 2014, at 3:30 p.m., an investigation was conducted on this entity reported incident. On May 15, 2014, at 3:30 p.m., the facility Registered In-House Counsel (RIHC) was interviewed. The RIHC stated on May 15, 2014, an unauthorized disclosure of Patient A's PHI was inadvertently sent to a residential fax machine. The recipient had called the office and informed the facility staff of the error. The following information was originally intended to be faxed to a physician's group: A fax cover page with Patient A's name, date of birth, medical account number, and diagnosis.On May 15, 2014, a record review was conducted of a form dated, May 15, 2014, titled,"Regulatory Notice." This form was sent by the facility to Resident A and indicated, "On May 8, 2014, the recipient (person who inadvertently received faxed PHI) told the (facility) that she would shred the (PHI) sheet."A review was conducted of the facility policy dated, March 21, 2013, titled,"Faxing Protected Health Information." The form indicated under "Sending Information,"Whenever possible, staff faxing Protected Health Information shall:1. Telephone the receiving facility to inform them that the Protected Health Information is being faxed, confirm the fax number...2. Reconfirm the destination fax number prior to transmission by checking to telephone number displayed on the fax machine screen before transmitting it..."An interview was conducted with the RIHC on May 16, 2014, at 4:35 p.m. The RIHC stated, "The staff member admitted to going too fast with the input of the fax phone number." We train them (staff) to verify the fax number twice. The first check is made by calling the recipient number and verifying the fax number. The second check is verification of the fax number with comparing it to what is written on paper."The Facility failed to maintain the Patient's Private Health Information by sending information to a residential fax without authorization from the Patient or the Patient's representative.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280