HEMET VALLEY MEDICAL CENTER

Report ID: 4MPF11.01, California Department of Public Health

Reported Entity: HEMET VALLEY MEDICAL CENTER

Issue:

Based on interview and facility document review, the facility failed to prevent unauthorized access and/or disclosure of Patient 1's medical information, when Patient 1's prescription was given to Patient 2. This failure had the potential to result in misuse of private/protected information.Findings:On October 31, 2013, at 11:30 a.m., The Privacy Officer (PO) was interviewed. The PO stated Patient 1 and Patient 2 were both treated in out patient surgery on August 9, 2013. Both patients had similar procedures performed by the same physician. In addition, both were prescribed the same medication. The PO stated when the nurse went to discharge Patient 2, she accidentally placed Patient 1's label on the prescription. She stated the spouse notified the facility the same day of the error.A copy of the prescription given to Patient 2 was reviewed. The prescription contained Patient 1's name, date of birth, and medical record number.The facility policy titled "Breach of PHI - Notification, dated November 2010, indicated "Individually identifiable means that the medical information includes or contains any element of personal identifying information sufficient to allow identification of the individual, such as patient's name..., or other information that, alone or in combination with other publicly available information, reveals the individual's identity."The policy further indicated, "Unlawful or Unauthorized Access means the inappropriate access, review, or viewing of patient medical information without a direct need for medical diagnosis, treatment, or other lawful use..."

Outcome:

Deficiency cited by the California Department of Public Health: Health & Safety Code 1280

Related Reports:

3 other violations reported on the same date. Note that other citations may be about the same event: B3CC11.01, B3CC11.02, B3CC11.03