Martinez Outpatient Clinic and Community Living Center

Issue: Veteran A reported that he received Veteran B's lab reports that included the full name, full SSN, full DOB and lab results.

Outcome: 06/11/15: The Incident Resolution Service Team has determined that Veteran B will be sent a letter offering credit protection services.…

Issue: An employee for the CA State Franchise Tax Board reported that she received 2 faxes from our facility that contained the full name, full SSN and full DOB on two of our employees.

Outcome: 06/10/15: The Incident Resolution Service Team has determined that two employees will be sent letters offering credit protection services due to full SSN being disclosed.…

Issue: Veteran A reported that he received a copy of Veteran B's appointment list that included the full name, full SSN and listing of appointments. Veteran A stated that he received the list on 06/08/15 and brought it back to the…

Outcome: 06/10/15: The Incident Resolution Service Team has determined that Veteran B will be sent a letter offering credit protection services due to full SSN being disclosed.…

Issue: Employee A, who is also a Veteran, reported that Employee B accessed her records on one occasion without a need to know or permission. This was discovered when she requested a copy of her Sensitive Patient Access Report (SPAR). An…

Outcome: 06/05/15: The Incident Resolution Service Team has determined that Employee A will be sent a HIPAA notification letter due to Protected Health Information (PHI) being disclosed.…

Issue: A VA employee reported that her car was broken into over the weekend and her work bag was stolen. Her work bag contained the following: 1. Scheduling calendar 2. Clipboard with phone log, VA phone numbers, notes 3. Patient handouts…

Outcome: 06/01/15: Employee reported that her scheduling book contained the last name, last 4, date of appointment and primary diagnosis and that the phone log contained last names, phone numbers and reason for the calls. I have asked the provider to…

Issue: It was reported to a VA employee by Veteran A that he received the labs in the mail that included labs of Veteran B. Labs included the full name and address of Veteran B.

Outcome: 05/26/15: The Incident Resolution Service Team has determined that Veteran B will be sent a HIPAA notification letter due to Protected Health Information (PHI) being disclosed.…

Issue: It was reported to Employee A by Veteran A that a folder was found in a woman's restroom at the VA that contained progress notes of Veteran B. Veteran A gave the folder to Employee A. The files were left…

Outcome: 05/20/15: The Incident Resolution Service Team has determined that Veteran B will be sent a letter offering credit protection services.…

Issue: VA Employee A reported that VA Employee B posted a photograph to her personal Facebook account which partially shows her computer screen that has information pertaining to 13 VA patients to include last 4 digits of the Social Security Number,…

Outcome: 06/08/15: The Incident Resolution Service Team has determined that 13 Veterans will be sent a HIPAA notification letter due to Protected Health Information (PHI) being disclosed.…

Issue: Veteran A reported that he received a CD that contained Veteran B's lab and radiology reports in the mail.

Outcome: 04/14/15: The Incident Resolution Service Team has determined that Veteran B will be sent a HIPAA notification letter due to Protected Health Information (PHI) being disclosed.…

Issue: The Privacy Officer (PO) received notification from the Patient Advocate who stated that a patient reported to him that a VA employee provided VA Patient A with the appointment list of VA Patient B. As VA Patient A was walking…

Outcome: 03/23/15: The Incident Resolution Service Team has determined that there was a policy violation. While there was an unauthorized access/disclosure of data, it has been determined that the incident has a low probability of a risk of compromise.…