Based on observation tour, review of facility policy, documentation, medical records (MR) and interview with staff (EMP), it was determined the facility failed to ensure the personal health information (PHI) pertaining to the medical care for three of three medical records reviewed was treated in a confidential manner and secured at the registrar's desk (MR1 MR2 and MR3).
Review of facility policy "Bylaws of the Medical Staff of Children's Dental Surgery" last revised November 11, 2018, revealed " 3. Confidentiality of Information: A. Information submitted, collected or prepared by any representative of the Center or third party for the purpose of evaluating, monitoring or improving the quality and efficiency of patient care services; determining that services are professionally indicated or were performed in compliance with the applicable standard of care; or related to any of the activities set forth in these Bylaws shall be privileges and confidential and so maintained by the Center."
Review of facility policy " Identification of the Patient" last revised October 18, 2018, revealed " 1. Reception Area: a. Upon greeting the patient, Center staff confirms the patient's name, social security number, date of birth and various elements."
An observation tour of the facility conducted on January 29, 2020, at 4:00 PM of the reception area of the registrar desk revealed two unlocked drawers of patient personal health information obtained by the receptionist which contained the following information:
Review of MR1, PHI revealed the first and last name of the patient, personal address, telephone number, date of surgical procedure date of January 30, 2020 and the name of the surgeon performing the procedure, CF1.
Review of MR2, PHI revealed the first and last name of the patient, personal address, telephone number, date of surgical procedure date of January 30, 2020 and the name of the surgeon performing the procedure, CF2.
Review of MR3, PHI revealed the first and last name of the patient, personal address, telephone number, date of surgical procedure date of January 30, 2020 and the name of the surgeon performing the procedure, CF2.
An interview conducted on January 29, 2020, at 5:00 PM with EMP2 confirmed that the unlocked opened drawers at the receptionist's desk contained personal health information for MR1, MR2 and MR3 that was not treated in a confidential manner and secured. EMP2 stated " I will need to inservice the staff that sits in this area about securing patients PHI."
| ||Plan of Correction - To be completed: 06/01/2020|
At the end of each business day the front desk staff will lock all patient records in the business office before leaving at the end of each worked shift
Staff will be required to attend a meeting that will take place the week of 3/2/2020. Staff will be required to sign in that they participated in an educational training provided by the administrator and director of nursing about patient confidentiality about topics including:
1. Elements of HIPPA
2. Patient Rights
3. Educate staff about the new internal process for securing patient records at the end of each business day.
At the end of each business day the front desk staff will lock all patient records in the business office. After this task is complete an attestation sheet will be signed by the front desk staff employee responsible for securing patient charts. This attestation log we be maintained including the staff members name and date that they secured patient records.
The Director of Nursing and Administrator will be responsible for sustaining patient confidentiality through weekly audits checking that patient charts were secured at the end of each business day. The administrator and DON will monitor this process until 100% compliance is sustained by 6/1/2020. Compliance of weekly audits will be presented to the quality committee for review.
The corrective action will be complete 6/1/2020