Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
CONTRA COSTA REGIONAL MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on January 6, 2014. Also cited in 103 other reports.
Report ID: L47L11.01, California Department of Public Health
Reported Entity: CONTRA COSTA REGIONAL MEDICAL CENTER
Issue:
Based on interview and record review, the facility failed to prevent unauthorized access and disclosure of Patient 56's and 57's protected, confidential health information, when the patients' After Visit Summary was given to the opposite patient. This failure allowed for potential unlawful or unauthorized use of the information and violation of the patient's right to privacy. Findings: During an interview on 1/06/14 at 12:30 p.m., the Compliance Officer confirmed that the two patients' information had been inadvertently given to the other patient. The compliance officer confirmed the information released. A review of the letter submitted by the facility revealed that the information included the patients' name, medical record number, date of birth, date of visit, gender and medical information including medication names, physician name, diagnostic information and next appointments. The incident resulted from the staff person's failure to confirm the correct identity of the patient by use of more than one identifier, prior to giving them the documents.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280