South Central VA Health Care Network (VISN 16)

Issue: An Attorney's office that had requested Veteran A's information received information on four (4) other Veterans. It appears the records were accidently put together and mailed out. The information at risk included the Veterans' name, address, full SSN and protected…

Outcome: Staff have been told now that they can't multi-task.. this was what caused issue. Letters went out to the involved individuals. Only attached one since they were all the same.Training and awareness has occurred. Service is working on discipline issue…

Issue: A nurse took home medications of 5 Veterans with the medication label attached. The nurse recently is divorced and the ex-sister-in-law located the following in the home: Veteran1/Label 1 contained full name, full social, initial/last 4, gender, date of birth,…

Outcome: Privacy Officer educated employee. Nurse manager has educated employee and is sharing the education with all nursing staff on her unit.…

Issue: Research Compliance Officer reported that during a regulatory audit of research pharmacy she discovered a note in the file documenting an incident where six patient folders accidently fell into a trash can beside the desk of the pharmacist and was…

Outcome: The Research Compliance Officer will refer the incident to ORO and local IRB for appropriate action. Pharmacist reminded of requirement to notify facility PO immediately of any privacy incident/violation.…

Issue: Employee A accessed Veteran A's medical record to obtain information for personal use. Update: 04/15/13:Veteran A will be sent a HIPAA notification letter.05/16/13:This was determined to be HITECH reportable by VHA Privacy Office.…

Outcome: Disciplinary action taken.

Issue: A Veteran's wife called and stated that her husband's appointment letter contained appointment letters for two other Veterans. The Veteran's wife stated she destroyed the letters. This was caused by a machine in the mail room pulling more than one…

Outcome: This was a malfunction of machinery that takes appointment letters, places the letters in an envelope and seals it. The machinery was pulling more than one page at a time and it was repaired.…

Issue: A family member of a Veteran brought paperwork to the surgical intensive care unit (SICU) nurses station which contained five names and SSNs of patients. A visitor stated that he found the paperwork inside the bathroom just outside of the…

Outcome: Unable to determine who left document in rest room. General Privacy awareness information forwarded to staff regarding the protection of PII/PHI.…

Issue: A student of Imaging at the University took a picture of a patient and put it on Face Book. It showed their name and the date of the procedure. It was only up a very short time - another student…

Outcome: UAMS staff met w CAVHS Imaging Service 4 6 13.. .they have already changed their policy regarding cell phone usage. They are working to see that individual in question is able to return to clinical. Initially they would not be…

Issue: A VA employee discovered a file folder lying on the floor in the handicapped stall of the patient/public female restroom located in the Specialty Clinic. A cursory glance through the folder identified the folder belonged to a VA employee who…

Outcome: Service chief validated the employee is required to retake the annual Privacy and HIPAA Training and Records management Training courses.

Issue: The Privacy Officer (PO) was contacted by an employee who stated that as she was walking into the Medical Center she found what appeared to be name tags attached to a paper clip that someone had dropped. She picked the…

Outcome: Staff education and review of the Privacy Policy by all CLC staff. In addition, the staff member responsible for the privacy violation will receive disciplinary action.…

Issue: VA employee/Veteran requested a SPAR from the Information Security Officer. On the SPAR he noticed two (2) employees accessed his medical record that is not involved in his care. The Privacy Officer has sent notice to the employees to ask…

Outcome: Supervisor has been notified of the issue and action letters have been sent to supervisor for the two employee.