Jesse Brown VA Medical Center

Issue: Employee A accessed Employee B's medical information in VISTA. Employee B is the supervisor of Employee A.

Outcome: 08/14/14: The Incident Resolution Service Team determined that Employee B will receive a HIPAA letter of notification.…

Issue: Veteran A's wife had received the referenced Veteran's Medical Records information in the mail along with her husbands. She also advised that she has another Veteran's information.

Outcome: 08/11/14: The Incident Resolution Service Team has determined that three Veterans will be sent letters offering credit protection services. 08/27/14: Update: One additional Veteran's information was sent along, total is now four (4) Veteran's that will be sent letters offering…

Issue: Veteran A visited the facility ER with his medications. Upon admission, his medications were taken by nurse and supposedly the Veteran signed a consent form. Not sure if staff verified Veteran A's address when receiving his medications. Veteran A stated…

Outcome: 07/14/14: The Incident Resolution Service Team has determined that Veteran A will be sent a HIPAA notification letter due to Protected Health Information (PHI) being disclosed.…

Issue: A Veteran's Anesthesia Documents were found outside the Medical Center by a VA employee who brought documents to Privacy Office.

Outcome: 07/09/14: The Incident Resolution Service Team has determined that the Veteran will be sent a letter offering credit protection services due to full SSN being disclosed.…

Issue: Employee A accessed Employee B's medical record 19 times over a two day period, 14 times in one day and five times the second day. Upon reporting this to Employee A, Service Chief, the service compromised the investigation by sending…

Outcome: 06/25/14: The Incident Resolution Service Team determined that Employee B will receive a HIPAA letter of notification, since his record was accessed 19 times in two days.…

Issue: A Veteran employee was notified by another employee that she was informed he had been admitted into the hospital by a former employee in his old service unit.

Outcome: 06/09/14: The Incident Resolution Team has determined that the Veteran employee will be sent a HIPAA notification letter due to Protected Health Information (PHI) being disclosed.…

Issue: The VA Police Department reported a theft of internal documents from the office of Chief of Police. The items missing are candidates' job applications and related documents, which contain applicant name, full SSN, address, phone number, education transcripts, diplomas, DD…

Outcome: 06/05/14: The VA Police are currently treating this as a theft. It is not known how many application records were taken, however, it appears to be at least 50. There are cameras in the area but they have not been…

Issue: Veteran A received a copy of Veteran B's appointment schedule which contained Personally Identifiable Information (PII). The information at risk included Veteran B's name, address, partial SSN and diagnosis.…

Outcome: 05/05/14: The Incident Resolution Team has determined that Veteran B will be sent a HIPAA notification letter.…

Issue: Veteran A received a copy of Veteran B's appointment schedule which contained Personally Identifiable Information (PII). The information at risk included Veteran B's name, address, partial SSN and diagnosis.

Outcome: 05/05/14: The Incident Resolution Team has determined that Veteran B will be sent a HIPAA notification letter.…

Issue: Veteran A received an appointment schedule for Veteran B, which did not contain Personally Identifiable Information (PII). Veteran A's wife contacted the Privacy Office and returned the information on 04/23/14.

Outcome: 04/29/14: The copy of the appointment schedule contained the Veteran's first name initial and last name and appointment date/time. There was no SSN or other PII identifiers. 05/01/14: The Incident Resolution Team determined that the Veteran will receive a HIPAA…