N0202
D

Privacy Breach Due to Unattended Computer Screens

Miami Shores Nursing And Rehab CenterMiami, Florida Survey Completed on 03-26-2025

Summary

The facility failed to ensure the privacy of residents' information, as evidenced by observations of unlocked and unattended computer screens displaying resident information. On two separate occasions, surveyors observed computer screens left unlocked and unattended, with resident information visible. The first incident occurred at the East side medication cart, where a Registered Nurse (RN) left the screen unlocked while attending to other duties. The RN acknowledged the oversight, attributing it to being preoccupied with finding a supervisor for the surveyor. The second incident was observed at the East side nursing station, where another computer screen was left unlocked and unattended, displaying resident information. A Licensed Practical Nurse (LPN) was informed of the situation by the surveyor and promptly locked the screen, indicating that another staff member had left it open. These observations highlight a breach in the facility's policy to protect patient privacy and confidentiality, as outlined in their Patient Privacy Policy. The facility's policy mandates that all patient information be treated as confidential and that unauthorized access, use, or disclosure is prohibited. It requires that electronic records be stored in password-protected systems with encryption to prevent unauthorized access. The policy applies to all employees, contractors, volunteers, and other personnel working in the nursing home, emphasizing the importance of safeguarding personal, medical, and financial information of residents.

Plan Of Correction

This Plan of Correction does not constitute admission or agreement by Miami Shores Nursing & Rehabilitation Center of the truth of the facts alleged, or conclusions set forth in the statement of deficiencies. This Plan of Correction is prepared solely because it is required by State and Federal Laws. N202 Right to Privacy Identify patients that were at risk and what did: Immediately, once identified by the surveyor, all Department managers were notified and asked to meet with their staff and go over HIPAA and protection of patient privacy. A facility-wide in-service was held on through /2025 that reviewed HIPAA privacy and all staff were started on individual HIPAA training. The assessment completed included the issue, Root Cause Analysis, and Performance Improvement Plan. Staff were trained on specific education related to HIPAA with acknowledgement forms. Regarding the Nurse that left the computer unattended at the med cart, they were counseled on the importance of HIPAA and protecting privacy; counseling was completed on. How will you identify other patients that are at risk? A full house audit was completed on , to determine that no other privacy screens were being left unattended by not only nurses but staff that use the tablets for documentation as well. Staff and Managers were reminded of HIPAA Policy, and Department managers were tasked to keep vigilant about any screens with patient information being left unattended. Thereafter, the DON created the Audit checklist to spot check for computer security during use. Measure put in place: A facility-wide in-service was held on and /2025 that reviewed HIPAA privacy and all staff were started on individual HIPAA training. The assessment completed included the issue, Root Cause Analysis, and Performance Improvement Plan. Staff were trained on specific education related to HIPAA with acknowledgement forms. Training will continue upon hire and annual review. A new system tool has been created whereby the Nurse manager that covers 24 hours per day has a form that was developed and included the surveillance of HIPAA Compliance with all electronics including computers and tablets. The DON created an audit checklist which will be located at the Nurses' desk and is a daily spot check for computer security during use. All department heads are also required to monitor for the same on their daily rounds and when finding any non-compliant staff, to report to managers and provide ongoing education and progressive discipline if rules are not adhered to. We posted a sign at the nurses' station and on med carts as a reminder to lock screens before leaving long-term prevention through inclusion and annual training and orientation. How will you monitor? The DON and all department heads are also required to use the form to track compliance. The DON and/or designee will be responsible for bringing the findings and summary to the QAPI Committee. This will occur daily for 30 days, then monthly for 3 months, then quarterly and/or if any variances are reported ongoing.

Penalty

No penalty information released
tooltip icon
The penalty, as released by CMS, applies to the entire inspection this citation is part of, covering all citations and f-tags issued, not just this specific f-tag. For the complete original report, please refer to the 'Details' section.
See other N0202 citations
Failure to Safeguard Resident Privacy and Confidential Health Records
N0202
Short Summary

Surveyors found that staff failed to protect resident privacy by leaving confidential notes about a resident's authorized visitors visible on medication cart computer screens and by leaving an EMAR screen unlocked and unattended, exposing resident health information. A nurse acknowledged forgetting to lock the computer, and the DON stated that notes were meant to be flipped to hide information but were not. These actions did not comply with the facility's policy on resident privacy and confidentiality.

No penalty information released
tooltip icon
The penalty, as released by CMS, applies to the entire inspection this citation is part of, covering all citations and f-tags issued, not just this specific f-tag. For the complete original report, please refer to the 'Details' section.
Privacy Breach of Resident Information
D
N0202
Short Summary

The facility failed to protect residents' privacy, with observations of unattended paperwork containing resident information left visible in public areas. An LPN and the ADON acknowledged the breaches, confirming that such information should not be visible or unattended. The DON stated that measures are in place to safeguard residents' information.

No penalty information released
tooltip icon
The penalty, as released by CMS, applies to the entire inspection this citation is part of, covering all citations and f-tags issued, not just this specific f-tag. For the complete original report, please refer to the 'Details' section.

Know what gets cited — and walk into your next survey with full visibility

We process and analyze inspection reports and Plans of Correction using AI to surface insights and trends — so you can improve care quality and stay ahead of compliance risk before your next survey.

Get ready for your next survey

See what surveyors are citing in your state and spot your risk areas before they do.

Monthly Citation Reports

Have you been cited for this tag?

Save hours drafting a compliant Plan of Correction — AI built on real approved POCs.

Plan of Correction Writer

Trusted data from CMS and state health departments

Every citation, penalty and Plan of Correction is sourced from public CMS records (latest release June 24, 2026) and official state health department websites — never guesswork.

Trusted by long-term care providers and associations.

Allegria Senior Living logo
FHCA logo
WeCare Centers logo
Care Rehab logo
An unhandled error has occurred. Reload 🗙