Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
COMMUNITY HOSPITAL OF SAN BERNARDINO
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on May 31, 2012. Also cited in 46 other reports.
Report ID: 0SOI11, California Department of Public Health
Reported Entity: COMMUNITY HOSPITAL OF SAN BERNARDINO
Issue:
Based on interview and record review, the facility failed to ensure that documents being sent to an outside agency (attorney) contained only the private health information (PHI) for Patient A. This resulted in a breach when Patient B's emergency room (ER) record was inadvertently sent along with Patient A's records.FindingsOn 5/31/12 at 2:15 PM, an investigation was initiated regarding an entity reported incident regarding Patient B.During an interview with the privacy officer at 2:20 PM, she stated she had been notified by the financial office that an attorney had requested the file for Patient A. During the processing of the file for Patient A, a second patient (Patient B's) 9/22/11 ER visit was sent as well. During review of the letter sent to the privacy officer from the company preparing the medical records, it was noted that Patient B's file had been integrated during the discharge filing process with Patient A's file, and the clerk had not followed their protocol. The protocol requires a final quality control audit of patient identifiers prior to releasing the final record.A review of the letter sent to Patient B from the facility acknowledged a breach of PHI had occurred.
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights