Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Scripps Mercy Hospital
Cited by the California Department of Public Health for violations of California’s Health and Safety Code relating to medical privacy during an inspection that began on December 18, 2013. Also cited in 72 other reports.
Report ID: GXBZ11.02, California Department of Public Health
Reported Entity: SCRIPPS MERCY HOSPITAL
Issue:
Based on interview and record review, the hospital failed to maintain the confidentiality of medical record information belonging to one sampled patient. A nursing staff's failure to check and validate the correct patient information resulted to the unauthorized release of protected health record information. This was in violation of a patient's right to confidential treatment of all communications and records pertaining to the care she had received at the facility.Findings:On 12/18/2013, an onsite visit of the hospital was conducted in response to an entity reported incident about an inadvertent and unauthorized release of a patient's medical record information.On 12/18/13 beginning at 3:25 P.M., a patient relations clinical risk specialist was interviewed regarding the reported incident. She stated that Patient 1 and Patient 2 were both seen and treated in the Emergency Department (ED) on 10/30/2013. Patient 1 was admitted to the hospital and Patient 2 was discharged home. The ED nurse then made copies of the discharge papers for Patient 2, but mistakenly included the medication list belonging to Patient 1. Copies of the records were then provided to Patient 2. The mistake was later discovered by an ED staff when she found Patient 1's medication list co-mingled with Patient 2's medical record file. A follow-up call to Patient 2 confirmed that Patient 2 was mistakenly given the medication list belonging to Patient 1.Patient 1's medical record information that were inadvertently provided to Patient 2 without authorization included Patient 1's name, date of birth, age, date of service, medical record number, account number, attending physician's name, list of medications, and after care instructions. Patient 2 returned the medical record to the facility on 11/04/2013.The hospital staff's 's failure to check and validate the patient's name in each record prior to its release resulted to the unauthorized release of Patient 1's medical record information. This was also in violation of the patient's right to confidential treatment of all communications and records pertaining to the health care she had received at the facility on 10/30/2013.
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights