The information below comes from the statement of deficiencies compiled by health inspectors and provided to AHCJ by the Centers for Medicare and Medicaid Services. It does not include the steps the hospital plans to take to fix the problem, known as a plan of correction. For that information, you should contact the hospital, your state health department or CMS. Accessing the document may require you to file a Freedom of Information Request. Information on doing so is available here.
| LAS PALMAS MEDICAL CENTER | 1801 NORTH OREGON STREET EL PASO, TX 79902 | Jan. 3, 2017 |
| VIOLATION: PATIENT RIGHTS: GRIEVANCES | Tag No: A0118 | |
| Based on a review of facility policies and staff interviews, the hospital failed to implement and enforce its own policy related to the resolution of patient grievances in 1 of 5 patient grievances reviewed (Patient #1). Findings were: Facility policy #RI 146 entitled Patient Grievance and Complaint Management, approval date 2/16, included the following: "DEFINITIONS:... A Patient Grievance is a written or verbal complaint (when the verbal complaint about patient care is not resolved at the time of the complaint by staff present) by a patient, or the patient's representative, regarding the patient's care, abuse or neglect, issues related to compliance with the CMS Conditions of Participation (CoP), or a Medicare beneficiary billing complaint related to rights and limitations provided by 42 CFR 489...A verbal complaint is a grievance if it cannot be resolved at the time of the complaint by staff present, if it is postponed for later resolution, if it is referred to other staff for later resolution, if requires investigation, and/or if it requires further actions for resolution... POLICY... A Patient or Non-Patient Notification should be initiated for all concerns/complaints/grievances requiring further follow-up and forwarded to the following:... 2. Quality Management - shall be responsible for any quality of care issues... 5. Facility Privacy Officer (FPO) shall be responsible for overseeing the investigation and resolution of grievances related to the Health Insurance Portability and Accountability Act (HIPAA)..." Patient #1 visited the hospital emergency department on 4/12/16. After leaving, she realized she had been given the discharge instructions of Patient #2, another patient with a similar name. She believed she'd received inappropriate care as a result. Patient #1 contacted the facility by telephone on 4/13/16 to express her concerns. These concerns included several issues related to the care she had received. In a group interview with the administrative director of quality, administrative director for critical care, and the emergency department director, Staff #1, 4 and 5 respectively, on the morning of 1/3/17 in a facility administrative meeting room, Staff #4 stated, "I talked to [Patient #1] on the phone when she called to complain...I remember she said she didn't feel she'd had the right care. But I passed her on to [Staff #12, ED physician] and he said the care had been correct. He told her that on the phone...We didn't consider this a grievance because [Staff #12] looked at it and said the care given was appropriate. We were just looking at this as a HIPAA violation." In an interview with Staff #1, Administrative Director of Quality, on the morning of 1/3/17 in a facility meeting room, she stated, "I didn't know anything about this, so we don't have any kind of investigation into the problem or any kind of follow-up grievance communication to share. I'm not sure what happened here, but this is the first I've heard of it. I don't think we'd normally call this a grievance." In an interview with Staff #3, Facility Privacy Official, on the morning of 1/3/17 in a facility meeting room, she was asked whether Patient #2 had been contacted regarding Patient #1 receiving discharge instructions in her name. Staff #3 stated "Ethics & Compliance wasn't contacted about this incident. Typically - and unfortunately this case was a fall-out - we have a process for reporting that we follow in these types of cases. Our process is set up for reporting even at this late point. Our own policies weren't followed here. What should have happened is that they would let me know so that I can do all of that reporting. We'd also retrieve the information back or ask for confirmation that it was appropriately disposed of." During an interview with Staff #6, Risk Manager, on the afternoon of 1/3/17, she was asked about grievances and the facility's process of dealing with them. She stated, "The process is that during a patient stay, a complaint is dealt with by the unit director personally. It's after they're discharged that we get involved in a complaint. We'll get notified either by phone, letter or in person, but it's not a grievance unless the complaint is made after discharge. While they're here, it's handled by the unit director...We didn't know anything about this complaint." The above findings were confirmed in an interview with the administrative director of quality, the director of nursing and the interim director of quality on the afternoon of 1/3/17 in a facility administrative meeting room. |
||
| VIOLATION: PATIENT RIGHTS: CONFIDENTIALITY OF RECORDS | Tag No: A0147 | |
| Based on a review of facility policies and staff interviews, the hospital failed to implement and enforce its own policy related to protected health information (PHI) and the confidentiality of patient records for 1 of 3 patient records reviewed in which a breach of confidentiality had occurred (Patients #1). Findings were: Corporate policy reference #IP.PRI.011 entitled Information Protection, effective date 9/23/2013, included the following: "PURPOSE: To facilitate compliance with the Health Information Technology for Economic and Clinical Health Act (HITECH) component of the American Recovery and Reinvestment Act of 2009 (ARRA) breach notification of unsecured protected health information (PHI) requirements and any and all Federal regulations and interpretive guidelines promulgated thereunder... POLICY: Any Company-affiliated facility in the case of a breach of unsecured PHI, must notify the patient or their personal representative without unreasonable delay and in no case later than 60 days of discovering the breach. A breach is considered discovered as of the first day on which the breach is known by the business associate and/or facility... Corporate policy reference #IP.PRI.012 entitled Information Protection, effective date 9/23/2013, included the following: "PURPOSE: To facilitate compliance with the Health Insurance Portability and Accountability Act (HIPAA) Standards for Privacy of Individually Identifiable Health Information (Privacy Standards), 45 CFR Parts 160 and 164, the Health Information Technology for Economic and Clinical Health Act (HITECH) component of the American Recovery and Reinvestment Act of 2009 (ARRA0, and any and all other Federal regulations and interpretive guidelines promulgated thereunder. To establish guidelines for protecting and safeguarding protected health information (PHI)... POLICY:...The facility must identify and utilize appropriate administrative, physical, and technical safeguards in order to protect PHI from inappropriate and/or unauthorized access, use and/or disclosures...This policy addresses oral and paper-based PHI... Paper Documents Containing PHI... 4. Facilities must have a process in place to verify documents are for the correct patient prior to providing the documents to the recipient (e.g., verify recipient and content prior to giving discharge papers to an individual)..." Corporate policy reference #IP.PRI.013 entitled Information Protection, effective date 9/23/2013, included the following: "POLICY: In order to protect PHI when inappropriate or unauthorized access, use and/or disclosure of PHI occur, the facility must take immediate, reasonable steps to mitigate the situation. The facility must review the administrative, physical, and technical safeguards in place to help ensure PHI is protected from further inappropriate and/or unauthorized access, use and/or disclosure... Paper Documents Containing PHI In the event documents containing PHI are accessed, used, and/or disclosed inappropriately or without authorization, the following mitigation efforts must be taken, as applicable: A. If the incorrect PHI is given to a patient or the incorrect patient receives PHI, the facility must make attempts to retrieve the PHI or request that the PHI be destroyed. Documentation supporting the attempts to retrieve the PHI and supporting the mitigation attempts...must be included as part of the facility's investigation documentation..." Patient #1 visited the hospital emergency department on 4/12/16. After leaving, she realized she had been given the discharge instructions of Patient #2, another patient with a similar name. She believed she'd received inappropriate care as a result. Patient #1 contacted the facility by telephone on 4/13/16 to express her concerns. In a group interview with the administrative director of quality, administrative director for critical care, and the emergency department director, Staff #1, 4 and 5 respectively, on the morning of 1/3/17 in a facility meeting room, Staff #4 stated, "I talked to [Patient #1] on the phone when she called to complain...I remember she said she didn't feel she'd had the right care. But I passed her on to [Staff #12, ED physician] and he said the care had been correct. He told her that on the phone...We didn't consider this a grievance because [Staff #12] looked at it and said the care given was appropriate. We were just looking at this as a HIPAA violation." In an interview with Staff #3, Facility Privacy Official, on the morning of 1/3/17 in a facility meeting room, she was asked whether Patient #2 had been contacted regarding Patient #1 receiving discharge instructions in her name. Staff #3 stated "Ethics & Compliance wasn't contacted about this incident. Typically - and unfortunately this case was a fall-out - we have a process for reporting that we follow in these types of cases. Our process is set up for reporting even at this late point. Our own policies weren't followed here. What should have happened is that they would let me know so that I can do all of that reporting. We'd also retrieve the information back or ask for confirmation that it was appropriately disposed of." The above findings were confirmed in an interview with the administrative director of quality, the director of nursing and the interim director of quality on the afternoon of 1/3/17 in a facility administrative meeting room. |
||