Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
RIVERSIDE COMMUNITY HOSPITAL
Cited by the California Department of Public Health for violations of California’s Health and Safety Code relating to medical privacy during an inspection that began on December 13, 2012. Also cited in 64 other reports.
Report ID: 99011.02, California Department of Public Health
Reported Entity: RIVERSIDE COMMUNITY HOSPITAL
Issue:
Based on interview and record review, the facility failed to ensure the breach (disclosure) of Patient B's Protected Health Information (PHI) to an individual not authorized to receive the information, (Patient A), was reported to the Department by five business days. This failure resulted in a reporting delay of seven days.Findings:An interview was conducted with the facility's Privacy Officer (PO) on December 13, 2012, at 12:20 p.m. The PO indicated when Patient A was discharged from the facility, the patient was given PHI of Patient B.Patient B's PHI which was disclosed to Patient A included Patient B's name, date of admission, date of birth, account number, and a consent for a clearly identified medical procedure.The PO further stated a family member of Patient A returned the PHI to a staff member at the facility on November 21, 2012, however she was not notified of the breach of Patient B's PHI until December 7, 2012, seven days after the PHI was returned to the facility.A review of the FAX transmission report sent from the PO to the Department which was dated December 7, 2012, at 6:18 p.m., reflected the time the breach of Patient B's information was reported.
Outcome:
Deficiency cited by the California Department of Public Health: HSC Section 1279