Louis Stokes Cleveland VA Medical Center

Issue: A patient called today stating he received a denial letter on another patient. Both patients have the same name and same last 4 of SSN. The patient mailed the letter today. Will follow up with the CBOC Clerk that mailed…

Outcome: Data not available.

Issue: At approximately 4:15 PM on 10/24/13, VA Employee A attempted to fax two forms that contained protected information on two Veterans (name, DOB, SS#) from the Akron Community Based Outpatient Clinic (CBOC) internally to a fax at Cleveland VAMC. VA…

Outcome: 10/28/13: the two Veterans will receive a letter offering credit protection services.…

Issue: Veteran A dropped off an appointment letter that he received in the mail for another Veteran. The appointment letter contains full name, home address, last four of ssn, and clinic location.

Outcome: 10/17/13: One Veteran will be sent a notification letter.…

Issue: Employee faxed 10 travel consults to a Real Estate agency. Real Estate Agency contacted the Parma Outpatient Clinic to fax information back to VA. PO called the Real Estate Agency and asked to mail the documents to Medical Center. Real…

Outcome: 10/10/13: All 10 Veterans will be sent letters offering credit protection services.…

Issue: A letter was mailed to a guardian pertaining to a Veteran. The Guardian flag was incorrect as the person was not the guardian of the person. The letter was not returned and calls have gone unanswered. The correct guardian flag…

Outcome: 10/09/13: The Veteran will be sent a letter offering credit protection services due to the full name and date of birth being disclosed.…

Issue: A VA Lab Employee used a patient survey as part of an oral defense. The survey was given to the Union. The concern is that the VA employee used patient data outside of treatment, payment or healthcare operations (TPO) or…

Outcome: 04/17/14: The Incident Resolution Team has determined that there was a policy violation. While there was an unauthorized access/disclosure of data, it has been determined that the incident has a low probability of a risk of compromise.…

Issue: Veteran A states that a Release of Information (ROI) clerk disclosed 7332 information to a third party requestor without a valid authorization. The information disclosed included the Veteran's name, address, date of birth and full SSN.…

Outcome: 09/25/13: The Privacy Officer (PO) has not spoken to the employee, however, after review of releases, information was disclosed that was not authorized. The Veteran will receive a letter offering credit protection services.…

Issue: A VA employee who works for Home Based Primary Care (HBPC) in Painesville reported that his government vehicle, which was parked at the State Street Clinic, was broken into between 4:00 PM 09/03/13 and 7:40 AM 09/04/13. There was a…

Outcome: 09/09/13: The laptop was encrypted. It was last seen at 4:00 PM on 09/03/13. It was used by a HBPC employee to access Outlook email and CPRS for charting patient encounters. There was no personally identifiable information (PII) or protected…

Issue: Nurse who is the POA for veteran inforned another VA employee that they accessed the veteran's medical chart on several occassions.

Outcome: 09/03/13: One Veteran will be sent a notification letter.…

Issue: Employee is accessing father's medical record and making appointments. Employee is only listed as an emergency contact.

Outcome: 08/19/13: Patient A will be sent a notification letter.…