The October 14 incident at Mountain View Convalescent Hospital violated the privacy rights of a resident who requires substantial help with basic activities like bathing, dressing, and using the toilet. The patient, admitted September 25 with muscle weakness, a history of falling, and dementia, still retained the ability to understand and be understood according to facility assessments.
Licensed Vocational Nurse 1 logged into the computer system to access the resident's electronic health record at 11:52 a.m., then walked away from Nurses Station 3, leaving the screen visible to anyone passing by.
"The computer was out of LVN 1's sight," the nurse told inspectors when confronted about the open records.
She acknowledged the violation immediately. "LVN 1 should have logged off the computer. LVN 1 should not have the computer opened and unattended."
The Director of Nursing confirmed the seriousness of the breach during a 4 p.m. interview the same day. When staff log into computers and walk away, "they must turn off the computer," she said. Failing to do so "is a violation of Health Insurance Portability and Accountability Act violation."
The nursing director explained the real-world consequences: "If the computer is not turned off, there is a potential for unauthorized people to have access to the residents' records."
Mountain View's own policies, last reviewed September 10, explicitly require electronic protected health information to be "safeguarded by administrative, technical and physical means to prevent unauthorized access." The facility restricts access "to only individuals who have been granted access rights."
The violation occurred despite these clear guidelines and the nurse's apparent understanding of proper protocol.
The resident whose records were exposed lives with progressive mental decline but maintains cognitive abilities that allow communication and understanding. Their medical information includes detailed assessments of physical limitations requiring substantial assistance from staff for personal care tasks.
Electronic health records contain comprehensive medical histories, current treatments, medications, and personal information that federal law specifically protects from unauthorized disclosure. The digital format makes this information instantly accessible to anyone with physical access to an unattended computer screen.
The nurse's admission that the computer was "out of sight" means she had no way to monitor who might have approached the workstation or what information they could have accessed. In a busy nursing facility, this could include other residents, visitors, delivery personnel, or unauthorized staff members.
Federal inspectors classified this as a privacy violation with minimal harm or potential for actual harm, but the Director of Nursing's comments suggest the facility understands the broader implications. HIPAA violations can result in significant financial penalties and legal consequences for healthcare facilities.
The inspection occurred as part of a complaint investigation, suggesting someone reported concerns about privacy practices at the facility. Mountain View Convalescent Hospital operates at 13333 Fenton Avenue in Sylmar, serving residents who require various levels of medical and personal care assistance.
The facility's written policies demonstrate awareness of electronic privacy requirements, mandating multiple layers of protection for patient information. These safeguards become meaningless when staff simply walk away from logged-in computers, creating exactly the unauthorized access scenarios the policies aim to prevent.
The nurse's immediate acknowledgment of wrongdoing suggests this was a momentary lapse rather than intentional misconduct, but the impact on patient privacy remains the same regardless of intent.
For residents like the affected patient, who depend on facility staff for intimate personal care while managing cognitive decline, medical privacy represents one of the few remaining areas of personal dignity and legal protection. When that privacy is compromised through careless handling of electronic records, it violates both federal law and basic professional standards.
The October 14 incident illustrates how quickly privacy violations can occur in healthcare settings where staff routinely access sensitive information throughout their shifts. A single moment of inattention creates the potential for unauthorized access to comprehensive medical records that patients have a legal right to keep confidential.
Full Inspection Report
The details above represent a summary of key findings. View the complete inspection report for Mountain View Conv Hosp from 2025-10-14 including all violations, facility responses, and corrective action plans.