Sierra Pacific Network (VISN 21)

Issue: A healthcare provider left a detailed message on a patient's cellphone voicemail regarding his medical diagnosis and test results. Update: 09/13/12:The Veteran will be sent a notification letter due to PHI being improperly disclosed on his cellphone voicemail.…

Outcome: Although no violation was found, I provided education to the provider on the appropriate way to leave messages for patients when they are not available.

Issue: A Release of Information (ROI) clerk misfaxed a Veteran's progress note containing diagnosis, full name, DOB, full SSN, and home address to a towing company. Update: 09/05/12:The Veteran will receive a letter offering credit protection services.…

Outcome: Privacy Officer educated employee.

Issue: A VA Human Resources employee sent documents to former employee through UPS. The address was one digit off and the package got delivered to the former employees neighbor. We're in the process of recovering the package through the former employee…

Outcome: Attempts have been unsuccessful in retrieving the package. Counseled and re-iterated to employee responsible for mis-mailing to watch attention to detail prior to mailing any documents. UPS tried several times to recover the package from the address given but no…

Issue: A supervisor accessed a subordinate's record to obtain employee health data to clear the employee to work with patients. Update: 09/04/12:The subordinate will receive a HIPPA letter of notification.…

Outcome: The ISO and PO plan to educate users through e-mail regarding the inappropriate and appropriate access of electronic health records. Some may feel because demographic information is available, that it's accessible. We will clarify the "need to know" point and…

Issue: The Chief Librarian contacted the Central California Health Care System (CCHCS) Information Security Officer (ISO) to notify of documents found in a desk drawer in the library at a MyHealtheVet workstation by library staff. ISO went to library and confiscated…

Outcome: Employee in service VA guideline about securing VA documents.

Issue: A VA Employee accessed another VA employees VistA record to acquire the other employees Birth Date so it could be used for a party list. Update: 08/27/12:Employee A will get a letter offering credit protection services.…

Outcome: The user was retrained and counseled concerning proper Information Security Practices, and the facility is taking actions to ensure sure the user is disciplined for the incident and that the actions are never repeated. Recommend Closure.

Issue: A person from the general public called our pharmacy to inform them that they'd received a prescription that wasn't theirs and was contained a label from our facility along with their medical from a civilian facility. The package was sent…

Outcome: No violation or corrective action required by our facility. The contracted mail order pharmacy has initiated an investigation into the event with the Tucson Post Office.…

Issue: Veteran A contacted this facility to report that he had received the appointment reminder for Veteran B in the mail. The appointment reminder contained the name of the Veteran, last 4 of the SSN only and the date and location…

Outcome: Staff to be in serviced by department head to review contents before sealing envelopes.

Issue: A fee clerk sent an uencrypted email to a non VA provider. The email included full name and full SSN on two Veterans and full name and DOB on a third Veteran. Update: 08/30/12:This is an unencrypted email which is…

Outcome: Employee educated.

Issue: Veteran A received Veteran B's medical records in the mail. Veteran A reports the records were in the same envelope as his records when he received them. Update: 08/07/12:Veteran B will be sent a letter offering credit protection services.…

Outcome: Educated the employee on the importance of reviewing all medical records before releasing to requestor to ensure they belong to that person.