The privacy breach occurred on September 10, 2025, when Nurse #5 texted a nurse practitioner about a resident who had been bleeding from a surgically-placed feeding tube. Federal inspectors discovered the violation during an October 30 complaint investigation at Clayton Rehabilitation and Healthcare Center.
The resident had arrived at the facility that evening by stretcher after a month-long hospital stay where doctors had placed the gastrostomy tube. Around 8:30 PM, a medication aide found the resident bleeding from the tube site and asked Nurse #5 for help.
Nurse #5 applied a bandage and stopped the bleeding. But he couldn't find any medical history or orders in the electronic record and failed to reach the former director of nursing by phone.
The bleeding started again between 11:00 and 11:50 PM. A newer night shift nurse, unsure how to handle the emergency, sought out Nurse #5 for assistance. He helped stop the bleeding a second time.
Concerned about the resident's condition and the lack of medical orders, Nurse #5 wanted to ensure the nurse practitioner would examine the patient first thing in the morning. He sent a text message using his personal phone that included the resident's name and information about the gastrostomy tube bleeding.
When inspectors interviewed Nurse #5 on October 15, he showed them the text he had sent to the nurse practitioner. The message contained protected health information transmitted through an unsecured communication method.
"He had done this out of concern and because no one had trained him otherwise that he could not text medical information with resident's names and personal health information on a personal phone," inspectors wrote.
The nurse told inspectors he had never been informed about secure methods for communicating with the nurse practitioner. The facility's interim director of nursing confirmed during an October 16 interview that Clayton Rehabilitation had no secure healthcare messaging application that would comply with federal privacy laws.
Instead, nurses were supposed to call and speak verbally with the nurse practitioner when medical communication was needed.
The confusion about the resident's care began with a breakdown in staffing assignments. The interim director of nursing, who was working as a unit manager when the resident arrived, said a medication aide was assigned to the hall and Nurse #5 was covering things the aide couldn't handle.
But Nurse #5 told inspectors he had been working on an adjacent hall and "had never been told he was responsible for the resident." The miscommunication left him caring for a patient with no medical history available and no clear orders for treatment.
The resident had been hospitalized from mid-August until September 10, when he was discharged directly to Clayton Rehabilitation. The gastrostomy tube placement during his hospital stay represented a significant medical intervention that required careful monitoring and specific care protocols.
Federal privacy regulations require healthcare facilities to protect patients' personal and medical information from unauthorized disclosure. Text messages sent through personal phones lack the encryption and security measures necessary to safeguard protected health information.
The violation affected communication protocols between nursing staff and the facility's nurse practitioner, highlighting gaps in both privacy training and secure communication systems. Inspectors classified the harm level as minimal, noting potential for actual harm rather than documented injury to the resident.
The privacy breach occurred during a critical period when the resident needed immediate medical attention for a potentially serious complication. Gastrostomy tube bleeding can indicate infection, improper placement, or tissue damage that requires prompt medical evaluation.
Nurse #5's decision to use his personal phone reflected his concern for the resident's welfare, but also demonstrated the facility's failure to establish secure communication protocols for urgent medical situations.
The interim director of nursing's admission that Clayton Rehabilitation lacked any HIPAA-compliant messaging system revealed a systemic problem affecting all staff communications with healthcare providers.
Without proper training on privacy requirements or access to secure communication tools, nursing staff faced an impossible choice between patient safety and regulatory compliance. The facility's instruction to use only verbal communication with the nurse practitioner proved inadequate for urgent after-hours situations.
The inspection found that Clayton Rehabilitation failed to ensure staff knowledge about protecting resident privacy, specifically regarding the prohibition against texting medical information through unsecured personal devices.
Full Inspection Report
The details above represent a summary of key findings. View the complete inspection report for Clayton Rehabilitation and Healthcare Center from 2025-10-30 including all violations, facility responses, and corrective action plans.
Additional Resources
- View all inspection reports for Clayton Rehabilitation and Healthcare Center
- Browse all NC nursing home inspections