James A. Haley Veterans' Hospital

Issue: A Patient Centered Care (PCC) Nurse left a voice message on the incorrect telephone number and included a Veteran's SSN and DOB.

Outcome: 08/04/14: The Incident Resolution Service Team determined that the Veteran will receive a letter offering credit protection services, since his full SSN was compromised.…

Issue: During an audit of research study, the coordinator was unable to find 2 Informed Consent/HIPAA authorization forms.

Outcome: 10/15/14: The Incident Resolution Service Team has determined that two Veterans will be sent letters offering credit protection services.…

Issue: Release of Information (ROI) documents were sent to the correct recipient but included additional ROI requests of 7 Veterans. The Veterans, names, addresses, dates of birth, full SSNs and diagnoses were compromised.…

Outcome: 08/01/14: The Incident Resolution Service Team has determined that the seven Veterans will be sent letters offering credit protection services.…

Issue: Veteran A received Veteran B's Printed Patient Inquiry Screen from VISTA in the mail.

Outcome: 07/30/14: The Incident Resolution Service Team has determined that Veteran B will be sent a letter offering credit protection services.…

Issue: Veteran A received Veteran B's letter from the facility. The letter included name, address, and clinic name.

Outcome: 07/29/14: The Incident Resolution Service Team has determined that Veteran B will be sent a HIPAA notification letter due to Protected Health Information (PHI) being disclosed.…

Issue: Veteran A received an allergy clinic appointment letter in the mail. Also included in the envelope was a 5345 form for Veteran B requesting physician to fill out Residual Functional Capacity Questionnaire.…

Outcome: 07/29/14: The Incident Resolution Service Team has determined that Veteran B will be sent a letter offering credit protection services.…

Issue: A VA employee handed Veteran A a document belonging to Veteran B. The document was a patient inquiry print-out and contained Veteran B's full name, full SSN, date of birth, home address telephone numbers, e-mail address, future appointments, eligibility status…

Outcome: 07/10/14: Veteran A took the document home. When he realized that he had Veteran B's information, he placed the document in a sealed envelope and gave to his son who works at this hospital, to hand deliver to Privacy Officer…

Issue: Veteran A was mailed abnormal lab results along with the abnormal lab results of Veterans B & C.

Outcome: 07/01/14: The Incident Resolution Service Team has determined that Veterans B and C will be sent HIPAA notification letters due to Protected Health Information (PHI) being disclosed.…

Issue: VA employee accessed five other fellow co-workers information using Patient Inquiry.

Outcome: 07/03/14: The Incident Resolution Service Team has determined that the five employees will be sent a notification letters due to Protected Health Information (PHI) being accessed without authorization.…

Issue: Veteran A received a package from VHA Pharmacy which had Veteran A and Veteran's B medication (name, SSN, addrress) inside with the address label having Veteran B's name but Veteran A's address.

Outcome: 06/20/14: The Incident Resolution Service Team determined that Veteran B will receive a letter offering credit protection services, since his full SSN was compromised.…