Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
SAINT AGNES MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on November 1, 2013. Also cited in 16 other reports.
Report ID: JP7F11, California Department of Public Health
Reported Entity: SAINT AGNES MEDICAL CENTER
Issue:
Based on staff interview, clinical record and administrative document review, the facility failed to ensure confidential treatment of protected health information (PHI) when laboratory results for Patient 1 were auto-faxed to a private residence.This failure resulted in unauthorized disclosure of Patient 1's PHI and the potential for abuse of that information.Findings:On 11/1/13 at 9:17 a.m., during an interview, the Compliance Officer (CO) stated an incorrect fax number for Patient 1's physician was entered into the lab's fax machine and was not corrected. CO stated the fax was received by a private residence fax machine. Patient 1's PHI breached faxed included the patient's name, account number, date of birth, telephone number, date of service, and lab results. The hospital policy titled, "Privacy and Confidentiality Policy" dated 9/17/09, indicated "General Procedures... (Hospital) recognizes the importance of safeguarding all confidential information...Each (hospital) employee has a personal responsibility to protect both the privacy and confidentiality of that information."
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights