Corporate Compliance

California hospital email to hundreds of workers violates HIPAA

Compliance Monitor, May 16, 2012

Shasta Regional Medical Center in Redding, Calif., violated patient confidentiality when it sent an email about her treatment to nearly 800 hospital staff members, the Los Angeles Times reported May 5.

The hospital had five total deficiencies related to unauthorized disclosures of a diabetes patient’s PHI in 2010, according to the California Department of Public Health. Prime Healthcare Services, based in Ontario, Calif., owns Shasta Regional Medical Center.

The hospital’s CEO and chief medical officer violated state law by disclosing the patient's medical information to media organizations without her authorization and it failed to report the violation as required by law, the newspaper reported.

Read the full article.

Most Popular