Corporate Compliance

Seven CA facilities fined for privacy breaches

Compliance Monitor, December 1, 2010

Six California hospitals and a nursing home must pay a total of nearly $800,000 for failing to prevent unauthorized access to confidential patient medical information, according to a California Department of Public Health (CDPH) press release.

The following facilities received administrative fines and penalties:

  • Biggs Gridley Memorial Hospital, Gridley, Butte County: The hospital was assessed a $5,000 fine after the facility failed to prevent unauthorized access of one patient’s medical information by two employees on three occasions.
  • Children’s Hospital of Orange, Orange, Orange County: The hospital was assessed a $25,000 fine after the facility failed to prevent unauthorized access of one patient’s medical information by one employee.
  • Delano Regional Medical Center, Delano, Kern County: The hospital was assessed a $60,000 fine after the facility failed to prevent unauthorized access and disclosure of one patient’s medical information by one employee on three occasions.
  • Kaweah Manor Convalescent Hospital, Visalia, Tulare County: The nursing home was assessed a $125,000 fine after the facility failed to prevent unauthorized access and use of five patients’ medical information by one employee.
  • Kern Medical Center, Bakersfield, Kern County: The hospital was assessed a $60,000 fine after the facility failed to prevent unauthorized access and disclosure of one patient’s medical information by two employees on three occasions.
  • Kern Medical Center, Bakersfield, Kern County: The hospital was assessed a $250,000 fine after the facility failed to prevent the theft of 596 patients’ medical information.
  • Oroville Hospital, Oroville, Butte County: The hospital was assessed a $42,500 fine after the facility failed to prevent unauthorized disclosure of one patient’s medical information by one employee on two occasions.
  • Pacific Hospital of Long Beach, Long Beach, Los Angeles County: The hospital was assessed a $225,000 fine after the facility failed to prevent unauthorized access and use of nine patients’ medical information by one employee.
The facilities are also required to submit a plan of correction to CDPH within 10 working days and must implement a plan of correction to prevent future incidents.

Most Popular