Federal inspectors discovered the privacy violation at Nexus at Berwyn on January 27th at 12:35 PM. The report sheet sat on top of the medication cart in the first floor north hallway, displaying health information for both residents without any covering.
A certified nurse aide working nearby confirmed the form contained resident information. She told inspectors the nurse on duty had left for lunch. When asked about the exposed records, the aide said she wasn't sure if the report should be placed on top of the cart where others could see it.
The Director of Nursing acknowledged fifteen minutes later that the report form contained resident information and should not have been visible on the cart. She confirmed the exposure violated resident privacy requirements.
Two days later, the Assistant Administrator explained that resident records containing medical information should never be visible to other residents or visitors. All records must be covered to maintain privacy, she said. The facility's only HIPAA policy exists in the employee handbook.
The exposed records contained extensive medical details about both residents. One resident's information included diagnoses of primary osteoarthritis, type 2 diabetes without complications, acute and chronic respiratory failure with hypoxia, insomnia due to mental disorder, acute bronchitis, gastroesophageal reflux disease, anemia, high cholesterol, bipolar disorder, depression, nerve damage, high blood pressure, and irregular heartbeat.
The second resident's medical information listed heart failure, pneumonia, heart rhythm problems, type 2 diabetes without complications, high blood pressure, paralysis following stroke affecting the left side, chronic lung disease, muscle weakness, abnormal posture, and difficulty swallowing.
Anyone walking past the medication cart could have read these intimate health details.
The facility's employee handbook states that medical records must remain confidential according to federal HIPAA privacy rules. The policy requires staff to maintain confidentiality of protected health information and limits when and how such information may be used or disclosed.
Staff members cannot use or disclose protected health information in any manner that would violate privacy rules. The handbook warns that any employee found violating HIPAA faces disciplinary action up to immediate termination.
Yet the nurse responsible for the exposed records had left them completely uncovered during lunch break.
The violation occurred in a main hallway where residents, visitors, and other staff regularly pass by the medication cart. The first floor north corridor serves as a primary pathway through the facility.
Medical privacy violations can have lasting consequences for residents and their families. Exposed health information may reveal conditions residents prefer to keep private, including mental health diagnoses, chronic diseases, and other sensitive medical details.
The certified nurse aide's uncertainty about proper record handling suggests inadequate staff training on privacy requirements. Her comment that she wasn't sure about cart placement indicates confusion about basic HIPAA protocols.
Federal privacy rules exist specifically to prevent such exposures. The Health Insurance Portability and Accountability Act requires healthcare facilities to safeguard patient information from unauthorized viewing, whether intentional or accidental.
The Director of Nursing's immediate acknowledgment that the exposure violated privacy requirements demonstrates the facility knew proper procedures but failed to follow them. Her confirmation came only after inspectors pointed out the violation.
Medication carts move throughout nursing home hallways during medication administration rounds. Staff must secure any resident information placed on these mobile workstations to prevent privacy breaches as they travel between rooms.
The Assistant Administrator's explanation that records should never be visible to residents or visitors came two days after the violation occurred. This delayed response suggests the facility may not have immediately addressed the privacy breach with all staff members.
The facility's reliance on employee handbook policies rather than comprehensive HIPAA training programs may contribute to privacy violations. Staff need regular education about protecting resident information in daily work situations.
Both affected residents had complex medical conditions requiring detailed care coordination. Their exposed records contained information about chronic diseases, mental health conditions, and physical disabilities that could subject them to discrimination or unwanted attention if viewed by unauthorized individuals.
The medication cart placement in a main hallway creates ongoing privacy risks if staff continue leaving resident information uncovered. High-traffic areas require extra precautions to protect confidential medical records.
Federal inspectors classified this as a minimal harm violation affecting few residents. However, privacy breaches can cause significant emotional distress and erode trust between residents and caregivers.
The violation demonstrates how easily protected health information can become exposed through careless handling practices. A simple lunch break led to two residents' most private medical details being displayed for public viewing.
Staff members responsible for medication administration must understand that any resident information placed on mobile carts requires immediate covering or secure storage. The exposed report sheet remained visible for at least fifteen minutes before inspectors discovered it.
The facility's acknowledgment of proper procedures after the violation suggests knowledge of requirements but inconsistent implementation. Training programs must address real-world scenarios where privacy breaches commonly occur.
Residents entering nursing homes surrender significant privacy in exchange for necessary care. Facilities have both legal and ethical obligations to protect the medical information residents cannot safeguard themselves.
The two residents whose information was exposed continue living at Nexus at Berwyn, where their most intimate health details were left visible to anyone passing through the hallway.
Full Inspection Report
The details above represent a summary of key findings. View the complete inspection report for Nexus At Berwyn from 2026-01-30 including all violations, facility responses, and corrective action plans.