Sierra Pacific Network (VISN 21)

Issue: A copy of Veterans A's DD214 was released to the next of kin of Veteran B. The letter has been returned. Update: 12/18/12:Veteran A will be sent a letter offering credit protection services.…

Outcome: DD214 was returned, ROI staff educated/Credit Monitoring letter uploaded

Issue: A VA Employee sent an unencrypted email to a non VA employee. The email contained first, middle, and last intial along with last four of SSN. along with past appointment dates and history of narcotics use and the patients documented…

Outcome: Nofitication letter sent out, action taken with the employee, request ticket to be closed.

Issue: A VA employee was in a car accident on 12/04/12. The employee discovered a zipped binder that contained two completed Homeless Operations Management and Evaluation System (HOMES) Homeless Services Assessment Forms missing on 12/06/12. The employee has contacted the towing…

Outcome: Explained the importance of safeguarding PHI/III during transport from site to Veterans location and back.

Issue: Veteran A reported that while he was waiting in the Mental Health waiting room for his appointment he was able to hear the full name, full SSN and phone numbers of 7 patients checking in for appointments. Veteran A wrote…

Outcome: The Mental Health Manager sent an email to all MH staff regarding the importance of safeguarding PHI/III.

Issue: A VA Patient Advocate received a letter of complaint from a Veteran. Attached to the letter was a copy of the Patient Census sheet from 10/2010. The Veteran who possessed the document was a patient at the time and received…

Outcome: Document was returned, credit monitoring/NOK notification letters sent out. Educated staff -check entire discharge package prior to discharge.…

Issue: A Veteran was sent a box containing a copy of his medical records, a total of 2461 pages, via certified/return receipt USPS mail. The Veteran reported receiving stacks of papers (approx. 600 pages) bundled in two with rubber bands, in…

Outcome: VAPAHCS followed appropriate procedure in sending a copy of the Veteran's medical record. USPS failed to deliver the entire package. The incident was reported to the USPS Postal Inspector and will follow-up with the Veteran.…

Issue: The Privacy Officer was notified by Research Compliance Officer, an internal audit was done, two of thirteen informed consents had no accompanying HIPAA documentation. CPRS was accessed, Update: 11/26/12:The two individuals who did not have the HIPAA documentation will be…

Outcome: Two notification letters sent to Veterans, request ticket to be closed

Issue: An employee took home VA Advance Directive/Durable Power of Attorney for Health Care and Living Will (contains the full name, full SSN, home address, phone number, in addition they contain the patients appointed Health Care Agents full name, relationship, home…

Outcome: Sent an email to all Social Workers reminding them of the importance to safeguard III/PHI and that they do not have permission to take this sort of information home.

Issue: An employee found a Protected Peer Review Form outside of the building he works in. The form contained the patient's full name, DOB, full SSN, Admission and Discharge Dates for hospital stay and reason for admission. Update: 11/14/12::The patient will…

Outcome: Reminded the employee to apply appropriate safeguards to III/PHI when carrying in file folders and to ensure all information is accounted for.

Issue: Patient A received patient B Consultation Request. Employee sent the consult request along with Patient A appointment letter. The consultation request included the patients full name, full SSN, DOB, gender, and type of requested procedure.. Update: 11/06/12:Patient B will be…

Outcome: Educated the staff on proper safeguard and to ensure to double check what is being mailed to a Veteran.