F0583 F583: Keep residents' personal and medical records private and confidential.
D

Privacy Breach of Resident Information

Miami Shores Nursing And Rehab CenterMiami, Florida Survey Completed on 03-26-2025

Summary

The facility failed to ensure the privacy and confidentiality of residents' personal and medical records, as required by federal regulations. During a survey, it was observed that two out of four computer screens on the East side nursing station were left unlocked and unattended, displaying resident information. This breach of privacy was noted on the East side medication cart #1 and at the East side nursing station, where resident information was easily accessible and visible to unauthorized individuals. At 7:39 AM, a surveyor observed an unlocked, unattended computer screen on the East side medication cart #1. The Registered Nurse (RN) responsible for the cart returned at 7:41 AM and acknowledged the protocol breach, stating that they forgot to lock the screen due to being preoccupied with finding a supervisor for the surveyor. Similarly, at 8:08 AM, another unlocked, unattended computer screen was observed at the East side nursing station. A Licensed Practical Nurse (LPN) was informed of the situation at 8:09 AM and immediately locked the screen, indicating that another staff member had left it open. The facility's policy on patient privacy, which aligns with the Health Insurance Portability and Accountability Act (HIPAA) and state-specific regulations, mandates that all patient information be treated as confidential. Unauthorized access, use, or disclosure of patient information is prohibited, and access to such information should be restricted to authorized personnel only. Despite these policies, the facility failed to adhere to the required standards, resulting in a deficiency in maintaining the privacy and confidentiality of residents' information.

Plan Of Correction

This Plan of Correction does not constitute admission or agreement by Miami Shores Nursing & Rehabilitation Center of the truth of the facts alleged, or conclusions set forth in the statement of deficiencies. This Plan of Correction is prepared solely because it is required by State and Federal Laws. F583 Personal Rights and Confidentiality Identify patients that were at risk and what did: Immediately, once identified by the surveyor, all Department managers were notified and asked to meet with their staff and go over HIPPA and protection of patient privacy. A facility wide Inservice was held on through /2025 that reviewed HIPPA privacy and all staff were started on individual HIPPA training. The assessment completed included the issue, Root Cause Analysis and Performance improvement Plan, Staff Were trained on specific Education related to HIPPA with acknowledgement forms. Regarding the Nurse that left the computer unattended at med cart was counseled on the importance of HIPPA and protecting privacy, counseling was completed on. How will you identify other patents that are at risk? A full house audit was completed on, to determine that no other Privacy screens were being left unattended by not only nurses but staff that use the tablets for documentation as well. Staff and Managers were reminded of HIPPA Policy and Department managers were tasked to keep vigilant about any screens with patient information being left unattended. Thereafter the DON created the Audit checklist to spot check for computer security during use. Measure put in place: A facility wide Inservice was held on and /2025 that reviewed HIPPA privacy and all staff were started on individual HIPPA training. The assessment completed included the issue, Root Cause Analysis and Performance improvement Plan. Staff Were trained on specific Education related to HIPPA with acknowledgement forms. Training will continue upon Hire and annual review. A new system tool has been created whereby the Nurse manager that covers 24 hrs per day has a form that was developed and included the surveillance of HIPPA Compliance with all electronics including computers and tablets. The DON created an audit checklist which will be located at Nurses desk and is a daily spot checks for computer security during use. All department heads are also required to monitor for the same on their daily rounds and when finding any non-compliant staff, to report to managers and provide ongoing education and progressive discipline if rules are not adhered to. We posted a sign at nurses' station and on med carts as a reminder to Lock screens before leaving long term prevention through inclusion and annual training and Orientation. How will you monitor? The DON and All department Heads are also required will use the form to track compliance. The DON and or designee will be responsible for bringing the finding and summary to the QAPI Committee. This will occur daily for 30 days, then Monthly for 3 months, then quarterly and or if any variances are reported ongoing.

Penalty

No penalty information released
tooltip icon
The penalty, as released by CMS, applies to the entire inspection this citation is part of, covering all citations and f-tags issued, not just this specific f-tag. For the complete original report, please refer to the 'Details' section.

Resources

Below are regulatory guidelines relevant to this citation:

See other F0583 citations
Electronic Medical Records Left Visible on Unattended Computers
D
F0583 F583: Keep residents' personal and medical records private and confidential.
Short Summary

Electronic Medical Records Left Visible on Unattended Computers: Two residents' EMRs were left open and visible on unattended computers during wound care and med pass. One resident had HTN, DM, and malnutrition with moderate cognitive impairment, and another resident had acute respiratory failure with hypoxia, HTN, DM2, and Afib with intact cognition. Staff confirmed the screens were left open and available for public view.

No penalty information released
tooltip icon
The penalty, as released by CMS, applies to the entire inspection this citation is part of, covering all citations and f-tags issued, not just this specific f-tag. For the complete original report, please refer to the 'Details' section.
Failure to Protect Confidential Resident Information
D
F0583 F583: Keep residents' personal and medical records private and confidential.
Short Summary

A resident's confidential medical information was left visible on the East med cart computer screen at the nurses station when the cart was unattended. An RN confirmed the observation and acknowledged that resident personal and clinical information was exposed to anyone passing by.

No penalty information released
tooltip icon
The penalty, as released by CMS, applies to the entire inspection this citation is part of, covering all citations and f-tags issued, not just this specific f-tag. For the complete original report, please refer to the 'Details' section.
Failure to Protect Confidential Medical Records
F
F0583 F583: Keep residents' personal and medical records private and confidential.
Short Summary

A facility failed to keep residents’ personal and medical records secure and confidential. Medical record review showed hospice notes were entered directly into the EMR for three residents, and the regional clinical director stated the hospice previously used was given full access to the EMR for all residents. The Resident Rights policy stated residents have a right to secure and confidential personal and medical records.

No penalty information released
tooltip icon
The penalty, as released by CMS, applies to the entire inspection this citation is part of, covering all citations and f-tags issued, not just this specific f-tag. For the complete original report, please refer to the 'Details' section.
Failure to Deliver Resident Mail Promptly
E
F0583 F583: Keep residents' personal and medical records private and confidential.
Short Summary

Failure to Deliver Resident Mail Promptly: The facility failed to ensure residents could send and receive mail and other materials in a timely manner. In a group interview, multiple residents stated they never received mail or that mail was not distributed on Saturdays because the AD did not work weekends. The AD said she passed mail Monday through Friday and was unsure who handled Saturday delivery, while the Administrator said weekend nursing staff were expected to pass mail. The facility policy required mail delivery within 24 hours of receipt.

No penalty information released
tooltip icon
The penalty, as released by CMS, applies to the entire inspection this citation is part of, covering all citations and f-tags issued, not just this specific f-tag. For the complete original report, please refer to the 'Details' section.
Failure to Provide Privacy During Incontinent Care
D
F0583 F583: Keep residents' personal and medical records private and confidential.
Short Summary

A cognitively intact female resident with Guillain-Barre Syndrome, depression, muscle weakness, and dependence on staff for toileting received incontinent care from two CNAs while her roommate was present in the room, and the privacy curtain was not pulled at any time. The resident’s care plan documented a self-care deficit and need for assisted incontinent care, and facility policies on perineal care and resident rights required staff to provide privacy, including use of doors, curtains, and blinds. In post-incident interviews, both CNAs acknowledged that privacy should have been provided during the care and recognized that doing so is part of respecting resident rights and dignity, while the DON and Administrator confirmed their expectation that staff follow these privacy practices.

No penalty information released
tooltip icon
The penalty, as released by CMS, applies to the entire inspection this citation is part of, covering all citations and f-tags issued, not just this specific f-tag. For the complete original report, please refer to the 'Details' section.
Failure to Protect Resident Privacy During Glucose Monitoring and Insulin Administration
D
F0583 F583: Keep residents' personal and medical records private and confidential.
Short Summary

Two cognitively intact male residents with diabetes, one with additional psychiatric diagnoses, received blood glucose checks and, for one resident, an insulin injection in an open area near the nurse’s station rather than in a private setting, exposing their medical treatment to others. Facility leadership, including the DON and Administrator, acknowledged that facility policy and practice required such medical treatments to be performed in residents’ rooms to protect privacy and confidentiality of personal and medical records, and that providing these services in public areas was inconsistent with resident rights and privacy standards.

No penalty information released
tooltip icon
The penalty, as released by CMS, applies to the entire inspection this citation is part of, covering all citations and f-tags issued, not just this specific f-tag. For the complete original report, please refer to the 'Details' section.

Know what gets cited — and walk into your next survey with full visibility

We process and analyze inspection reports and Plans of Correction using AI to surface insights and trends — so you can improve care quality and stay ahead of compliance risk before your next survey.

Get ready for your next survey

See what surveyors are citing in your state and spot your risk areas before they do.

Monthly Citation Reports

Have you been cited for this tag?

Save hours drafting a compliant Plan of Correction — AI built on real approved POCs.

Plan of Correction Writer

Trusted data from CMS and state health departments

Every citation, penalty and Plan of Correction is sourced from public CMS records (latest release June 24, 2026) and official state health department websites — never guesswork.

Trusted by long-term care providers and associations.

Allegria Senior Living logo
FHCA logo
WeCare Centers logo
Care Rehab logo
An unhandled error has occurred. Reload 🗙