MENIFEE VALLEY MEDICAL CENTER

Report ID: LPWR11.01, California Department of Public Health

Reported Entity: MENIFEE VALLEY MEDICAL CENTER

Issue:

Based on interview and facility document review, the facility failed to prevent unauthorized access and/or disclosure of Patient 1's medical information, when Patient 1's preliminary radiology report was given to Patient 2. This failure had the potential to result in misuse of private/protected information.Findings: On September 9, 2013, at 10:15 a.m., the Privacy Officer (PO), was interviewed. The PO stated, Patient's 1 and 2 were seen in the Emergency Department on August 10, 2013. Both patients received a CT scan (Computed Tomography- uses X-rays to make detailed pictures of structures inside the body). The PO stated Patient 2 inadvertently received Patient 1's Preliminary Radiology Report upon discharge.A copy of Patient 1's Preliminary Radiology Report that was given to Patient 2 was reviewed. The report included Patient 1's name, date of birth, medical record number, procedure ordered (CT scan), reason for CT scan, and findings of CT scan.The facility policy titled "Breach of PHI - Notification, dated November 2010, indicated "Individually identifiable means that the medical information includes or contains any element of personal identifying information sufficient to allow identification of the individual, such as patient's name..., or other information that, alone or in combination with other publicly available information, reveals the individual's identity."The policy further indicated, "Unlawful or Unauthorized Access means the inappropriate access, review, or viewing of patient medical information without a direct need for medical diagnosis, treatment, or other lawful use..."

Outcome:

Deficiency cited by the California Department of Public Health: Health & Safety Code 1280

Related Reports:

3 other violations reported on the same date. Note that other citations may be about the same event: 3VH211.01, 3VH211.02, 3VH211.03