Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
SANTA CLARA VALLEY MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on August 14, 2012. Also cited in 90 other reports.
Report ID: O8RD11.01, California Department of Public Health
Reported Entity: SANTA CLARA VALLEY MEDICAL CENTER
Issue:
Based on documentation and interview, hospital staff failed to implement a patient's right to privacy by accessing patient medical information without consent.Findings:In an interview with the hospital privacy officer (Staff A) on 8/14/12, Staff A stated on 5/10/12 she was informed that a medical assistant (MA 1) from an outpatient clinic had accessed patient information on the hospital's computer system without patient authorization. The investigative report of the privacy officer was reviewed on 8/14/12 and indicated, on 5/8/12 a supervisor in the clinic noted a patient's name on MA 1's computer screen. The patient (Patient 1) was a retired employee. On 5/10/12 the supervisor asked MA 1 about the incident and MA 1 admitted to typing the patient's name which brought up the patient's scheduling information.The incident was referred to the hospital privacy officer on 5/10/12 at which time an investigation was initiated. The investigation revealed MA 1 accessed a computer scheduling screen that included the patient's name, account number, medical record number and date of scheduled visit. There was no patient authorization for this access or need to know by MA 1.
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights