Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
EISENHOWER MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on February 6, 2014. Also cited in 279 other reports.
Report ID: 6QGX11.01, California Department of Public Health
Reported Entity: EISENHOWER MEDICAL CENTER
Issue:
Based on interview and record review, the facility failed to prevent the unauthorized access and/or disclosure of Patient A's protected health information, when Patient B was registered under Patient A's name. This failure had the potential to result in the misuse of Patient A's PHI.Findings:On October 22, 2013, The facility notified the California Department of Public Health, that information containing Patient A's name, was inadvertently given to Patient B. On February 6, 2014, at 10:15 a.m., the Information Privacy Officer was interviewed. The IPO stated a registration clerk gave the wrong registration packet to Patient B. The IPO stated a patient arm band and admission documents, printed with Patient A's information, were given to Patient B. The IPO stated the error was recognized when Patient B went to the facility laboratory. A copy of the "Condition of Admission," form given to Patient B was reviewed. The form contained Patient A's name, date of birth, facility account number and medical record number. The facility policy and procedure titled "HIPAA- Use and Disclosure of Protected Health Information," undated, indicated "It is the policy of ...(facility's name) that the confidentiality of Protected Health information in records and collected...will be protected to the fullest extent possible."The policy indicated, "To protect the patient's right to privacy and confidentiality, at no time will names or information be shared with any person who does not have the need to know in order to provide patient care."
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280