Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
EISENHOWER MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on May 28, 2012. Also cited in 279 other reports.
Report ID: RQXG11, California Department of Public Health
Reported Entity: EISENHOWER MEDICAL CENTER
Issue:
Based on interview and record review, the facility failed to ensure all patient protected health information (PHI) was kept protected, which resulted in the unauthorized access of the patient's confidential information (Patient A). Patient A's confidential information was sent via facsimile to the wrong physician's office on October 27, 2011. This resulted in the unauthorized disclosure of Patient A's protected health information.Findings:On May 25, 2012, at 10:30 a.m., an interview was conducted with the Director of Compliance. The Director stated on November 3, 2011, staff from a physician's office contacted the facility to report a receipt of Patient A's PHI. The office notified the facility that the document was not intended for physicians in that office. The Director stated the report contained the patient's name, sex, date of birth, medical record number and financial number. Patient A's laboratory report was reviewed on May 25, 2012. The report included the patient's name, medical record number, gender, date of birth, financial number, day of service, diagnosis and laboratory results. The facility policy and procedure titled, "Faxing Protected Health Information," revised on June 24, 2009, indicated, "All Protected Health Information sent or received by the facility shall be in a manner that protects against unauthorized disclosure of such records to third parties." The Policy indicated whenever possible, staff faxing PHI should: 1. Telephone the receiving facility to inform them that PHI was being faxed, and confirm fax number. 2. Reconfirm the destination prior to transmission by checking the phone number displayed on the fax machine screen before transmitting.3. Confirm the success of the transmission by calling intended recipient or by checking the fax transmittal report, if available.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280