Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
SUTTER COAST HOSPITAL
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on March 6, 2012. Also cited in 58 other reports.
Report ID: 6P4O11.01, California Department of Public Health
Reported Entity: SUTTER COAST HOSPITAL
Issue:
Based on interview and document review, the hospital failed to prevent unauthorized access to one patient's protected health information (PHI).Findings:In interview on 3/6/12 at 10 a.m., Staff A stated that on 4/9/11, Patient 1 was being prepared for transfer to a hospital in Oregon. Another patient was being transferred to a hospital in California at the same time, and Staff B inadvertently included Patient 1's face sheet in the information she was sending to the hospital in California. Staff A stated that on 4/9/11, staff from the hospital in California reported the error and destroyed Patient 1's face sheet. Staff A stated that the hospital notified Patient 1 and the Department of the breach on 4/13/11.Record review on 3/6/12 demonstrated that Patient 1's breached PHI consisted of age, sex, date of birth, address, partner ' s name and address, medical record number, chief complaint, date and place of treatment, and attending physician.Record review on 3/6/12 confirmed that Patient 1 and the Department were notified of the breach on 4/13/11, within 5 business days of the error.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280