Chillicothe VA Medical Center

Issue: There are 2 employees, with the same first and last names, who work at the Medical Center. One is also a Veteran. The Veteran was trying to make an appointment for care and was given information by a clerk that…

Outcome: 10/14/14: The Incident Resolution Service Team has determined that no data breach has occurred. There was an unauthorized disclosure of data but with a low risk of compromise since it went to another VA employee.…

Issue: When Veteran A's lab work was stuffed into an envelope prior to mailing, Veteran B's lab work was accidentally included. Both Veterans were treated at the Community Based Outpatient Clinic (CBOC) on the same day.…

Outcome: 10/03/14: The Incident Resolution Service Team has determined that Veteran B will be sent a letter offering credit protection services.…

Issue: Veteran A called the call center, who referred the Veteran to a Privacy Officer (PO). The Veteran said he received the lab work (including HIV results), and appointment information for Veteran B. The letter contained Veteran B's name and SSN.…

Outcome: 09/29/14: The Incident Resolution Service Team has determined that Veteran B will be sent a letter offering credit protection services.…

Issue: A Veteran was discharged from inpatient care on 9/15. At the time of discharge, he was handed a medication list and discharge instructions which belonged to another Veteran.…

Outcome: 09/22/14: The Incident Resolution Service Team has determined that Veteran B will be sent a letter offering credit protection services.…

Issue: Patient entered Urgent Care area with a small bag (C bag, which he received at the time of discharge from the military). Bag contained his full name, full SSN and DOB. Bag was sent to be cleaned; however, now, it…

Outcome: 09/02/14: The Incident Resolution Service Team has determined that the Patient will be sent a letter offering credit protection services.…

Issue: An appointment letter containing name of clinic and Veteran's contact information was mailed to another Veteran. Veteran who received the appointment letter in error returned it to a VA nurse.…

Outcome: 07/30/14: The Incident Resolution Service Team has determined that Veteran B will be sent a HIPAA notification letter due to Protected Health Information (PHI) being disclosed.…

Issue: A ward clerk tried to fax a consent for medical records to a non-VA hospital. A wrong fax number was used and the form was faxed to a Sears Store.…

Outcome: 07/28/14: The Incident Resolution Service Team has determined that Veteran A will be sent a letter offering credit protection services.…

Issue: Veteran A called the Administrative Officer of the Day (AOD) and said that she received the medication list of Veteran B in the mail. AOD immediately reported it to the Privacy Officer (PO). The PO tried on multiple occasions to…

Outcome: 07/16/14: The Incident Resolution Service Team determined that Veteran B will receive a letter offering credit protection services.…

Issue: A clinic clerk mailed lab results that belonged to Veteran B to Veteran A. Veteran A, who received the results, contacted the clinic and returned the document.…

Outcome: 07/01/14: The Incident Resolution Service Team has determined that Veteran B will be sent a HIPAA notification letter due to Protected Health Information (PHI) being disclosed.…

Issue: An employee, who was assigned to drive a government vehicle, left five bar code labels in the vehicle. A transportation employee found the labels and turned them in to the Privacy Officer. The labels contained patient names and full SSN.…

Outcome: 07/01/14: The Incident Resolution Service Team has determined that there was a policy violation. No data breach has occurred as the information was only seen by VA employees.…