Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
HEMET VALLEY MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on March 19, 2015. Also cited in 39 other reports.
Report ID: SF9W11, California Department of Public Health
Reported Entity: HEMET VALLEY MEDICAL CENTER
Issue:
Based on staff interview and record review, the facility failed to prevent the unauthorized access and/or disclosure of Patient A's private health information (PHI), when a staff member had called a private citizen's home and left a message regarding health information and or possible test results. The message left on the voicemail was intended for a physician. This failure had the potential to result in the misuse of Patient A's private health information.Findings:On March 20, 2015, at 2:40 p.m., an investigation was conducted on this entity reported incident. The Director of Health Information Management (DHIM) was interviewed on March 20, 2015, at 2:40 p.m. The DIHM stated, "Hospital nursing staff left messages intended for a facility physician on a private citizen's voicemail. The citizen deleted the voicemail and then called the facility to inform our department of the error. Upon the department's investigation, the citizen, was unable to recall a patient name or any other identifiable private health information, only the physician's name.""Further investigation was conducted on the unit where this particular physician had worked. When inquired, the staff members on the unit did not come forward with information to ascertain who left the voicemail messages."On March 20, 2015, a record review of the facility letter addressed to the California Department of Public Health (CDPH), on March 18, 2015, indicated: "Date of incident March 5, 2015, Name of Patient: Unknown; not able to be determined, Name of alleged violator(s): Unknown; not able to be determined." The letter further indicated, "...Upon investigation, it was determined that the citizen's number and the physician's number are the same except for one digit."During the interview with the DHIM on March 20, 2015, at 2:40, the DHIM stated," There was not a policy addressing staff members to not leave private health information on voicemail. Staff are instructed by our Department (during annual HIPPA-Health Insurance Portability and Accountability Act training) not to leave any identifiable patient information on voicemail."
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280