LOMA LINDA UNIVERSITY MEDICAL CENTER

Report ID: CBOS11, California Department of Public Health

Reported Entity: LOMA LINDA UNIVERSITY MEDICAL CENTER

Issue:

Based on interview and record review, the facility failed to protect Patient A ' s medical information. This breach caused Patient A ' s protected health care information to be released.Findings:The facility self reported that the Patient Business Office inadvertently mailed a copy of Patient A ' s billing record to Patient B and that Patient B notified the facility and had returned the document.During an interview with the Customer Service Collector A on 1/25//12 at approximately 3:31 PM, she confirmed that she " Sent out the wrong information to the other (wrong) patient. " The Customer Service Collector A stated, " Suppose to verify the name, address, the information going to be sent, and to verify the name on the envelope. " She also stated, " I can ' t figure out how I printed the label of a patient that never requested for information. " She stated that she gets 2 copies of the billing statement, one copy for the patient ' s file, and the other copy to be mailed out to the patient that requested it. Customer Service Collector A confirmed that one copy was sent to the right patient (Patient A) however, the other copy was sent to the wrong patient (Patient B). The envelope had a wrong name and address. The released healthcare information of Patient A included: a. Name of patient.b. Medical record number.c. Social Security number.d. Address.e. Insurance information.f. Description of services billed.The policy and procedure titled " Uses and Disclosures of Protected Health Information " , effective date 12/2009, indicated, " ...Employee shall establish the identity of individuals to whom they disclose PHI to limit the possibility of unauthorized disclosures.

Outcome:

Deficiency cited by the California Department of Public Health: Patients' Rights