Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
KAISER FOUNDATION HOSPITAL - FONTANA
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on August 9, 2013. Also cited in 6 other reports.
Report ID: 7TVD11.01, California Department of Public Health
Reported Entity: KAISER FOUNDATION HOSPITAL FONTANA
Issue:
Based on interview and record review, the facility failed to ensure the confidential treatment of protected health information (PHI) for Patient A, when Patient A's PHI was given to Patient B at discharge from the emergency department (ED). This breach of Patient A's PHI placed the patient at risk for identity theft and the unauthorized release of PHI. FINDINGS:On February 12, 2013 at 1:15 PM, a phone interview was conducted with the facility privacy officer (FPO) to investigate the entity reported incident of a possible breach of PHI for Patient A.On August 9, 2013, a review was conducted of the entity reported incident. The Facility investigation was also reviewed which revealed that on October 30, 2012, Patient B, returned Patient A's face sheet (contained demographics including social security number), to the facility, which had been intermingled in Patient B's discharge paperwork. The Patient A's PHI which was been given to an unauthorized recipient (Patient B) included the following: a hospital Face Sheet, which contained Patient A's name, identification number, hospital account number, admission date, services provided, admitting diagnoses, patient address, phone number, marital status, date of birth, sex, language spoken, race, ethnicity, medical record number, and the last admission date.On November 19, 2013, at 4:00 PM, a phone interview was conducted with the facility privacy officer, who confirmed the incident. She stated that when Patient B was discharged from the ED, Patient A's face sheet had been mistakenly intermingled in Patient B's discharge paperwork. The Facility failed to protect patient rights regarding maintaining the privacy and confidentiality of patient PHI by not verifying every document given to Patient B was intended for Patient B, resulting in the unauthorized release of Patient A's PHI.
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights