Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
SUTTER COAST HOSPITAL
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on March 6, 2012. Also cited in 58 other reports.
Report ID: WENM11.01, California Department of Public Health
Reported Entity: SUTTER COAST HOSPITAL
Issue:
Based on interview and document review, the hospital failed to prevent unauthorized access to one patient's x-ray report.Findings: In interview on 3/6/12 at 11:30 a.m., Staff A stated that on 12/14/11, Patient 1's x-ray report was found on a prison representative's desk on 12/14/11 with other documents picked up at the hospital by the prison's courier. Staff A stated that Patient 1 was not an inmate. Staff A stated that all records sent from the hospital to the prison are identified by an inmate number only, no name. The courier from the prison must sign off on all of the records received. Staff A stated that the courier had no record of receiving the x-ray report. Staff A stated that the medical records department had no record that Patient 1's x-ray report had been requested or sent out. Staff A stated that he had been unable to determine how the report had reached the prison representative's desk. Document review on 3/6/12 demonstrated that Patient 1's x-ray report included her name, date of birth, the reason for the x-ray, the findings, and the name of the ordering physician.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280