Failure to Protect EMR Confidentiality and Provide Requested Medical Records
Penalty
Summary
The deficiency involves the facility’s failure to safeguard confidential electronic medical records and to provide a resident’s medical records upon repeated written requests. On Hall C, a computer mounted to the wall was observed logged into the medical record system under a CNA’s user account and left unattended. The CNA’s name was visible on the screen, and the OT who observed the computer stated that the CNA should not have logged into the system and left it unattended because it contained private resident records and orders. The ADON and DON both stated that the computer should not have been left logged in, as unauthorized individuals could access resident information, including social security numbers, home addresses, and diagnoses. When a different CNA later logged into the same computer, the DON confirmed that from the home screen staff did not need an additional password to access resident records.
The deficiency also includes the facility’s failure to respond to multiple written requests for a deceased resident’s medical records submitted by the resident’s representative through an outside entity. Five letters, each containing a certified and first-class mailing, were sent to the facility’s President/CEO or the facility’s parent company, requesting the resident’s complete medical record for a specified time period and including an authorization form for release of protected health information signed by the resident’s representative. The letters also included a copy of the resident’s death certificate and the representative’s state ID. Postal tracking showed that some letters had not reached their destination, one was returned to sender, and one was received and signed for at a postal facility. The facility had undergone a name change, but the parent company remained the same.
Record review showed that the resident was an older male with multiple serious medical diagnoses, including anemia, Parkinsonism, pressure ulcers, Alzheimer’s disease, quadriplegia, dysphagia, acute respiratory failure with hypoxia, and pneumonia. He was coded on the MDS as rarely or never understood, with short- and long-term memory problems and total dependence on staff for all ADLs. Staff interviews revealed that the social worker, medical records staff, and business office managers (both current and former) denied receiving or being aware of any medical records requests for this resident. The Administrator, who had been in his position for about a month, described a process in which the DON would send medical records requests to the business office manager and stated that if mail was addressed to the previous company, he would not sign for it and the letters would be sent back. He reported that the facility did not receive any mail or letters related to this resident, despite the documented mailings and statutory requirements under Texas Civil Practice and Remedies Code Sections 74.051 and 74.052 for providing medical records within a specified timeframe after receipt of a written request accompanied by a proper authorization.
