Failure to Secure Electronic Medical Records
Penalty
Summary
A medication aide (MA) failed to ensure the privacy and confidentiality of a resident's personal and medical records by leaving a computer screen displaying the resident's morning medication list unattended and unlocked for 10 minutes. The computer was left facing the wall, but the screen was not locked, and the MA was unaware that simply minimizing the screen did not secure the information. This incident was observed during a medication pass for a female resident with severe cognitive impairment, as indicated by a BIMS score of 04, and diagnoses including anxiety disorder, Alzheimer's disease, and dysphagia. During interviews, the MA admitted to not knowing how to lock the computer screen and acknowledged that the resident's private medical information could have been exposed. The Director of Nursing (DON) was unaware of the incident prior to being informed and stated that the expectation was for all nursing staff to lock computer screens when unattended to comply with HIPAA regulations and protect resident information. The facility's policy requires adherence to privacy standards, but this was not followed in this instance.