VA Healthcare - VISN 4 (VISN 4)

Issue: Employee A's separation notice of retirement was sent to Employee B in error. Employee B reported the error to our Human Resource Department and returned the form to our medical center. Employee B notified Employee A of the inconsistency (these…

Outcome: Human Resource staff were reminded on the importance of security and privacy safeguards.

Issue: Patient A requested his MyHealthyVet (MHV) Release of Informationi (ROI) be faxed to him. ROI staff faxed Patient B's information to Patient A in error. Update: 07/03/12:Patient B will be sent a letter offering credit protection services.…

Outcome: HIMS Chief reviewed with ROI staff ROI procedures and stressed the importance of protecting PHI/PII.

Issue: A VA employee was asked to provide information concerning a questionable access from a sensitive record access log audit. The employee stated the Veteran is her husband and she is the caregiver. She alleges these accesses were at the request…

Outcome: A Security Privacy Violation Memo was issued to Service Line Mgt concerning this employee. User access was disabled.…

Issue: Veteran A called to indicate that he received records on Veteran B that were intended to be sent to Blue Cross. Update: 06/28/12:Veteran B will be sent a letter offering credit protection services.…

Outcome: Education was conducted with the ROI staff and random audits of ROI requests are conducted monthly.

Issue: While the VA Police staff were doing rounds on 06/24/12 a surgery schedule and a list of patients being reviewed at the Morbidity and Mortality (M&M) committee were found in the hallway outside of the ICU. There are 9 individuals…

Outcome: The person responsible was educated on the proper disposal of PHI and PII

Issue: The VA ICU Head Nurse found a box of nursing information on the counter with a medication list for 5 patients and a notebook containing barcodes for medications and account access information for a number VA systems including NT and…

Outcome: The provider has been educated on the incident.

Issue: On 06/25/12, the Information Security Office (ISO) provided the Privacy Officer (PO) a questionable sensitive record access log for review. Accesses made by an employee with the same last name as a Veteran were flagged questionable. The Privacy Officer noted…

Outcome: The employee's user access has been disabled and a Security Privacy Violation Memo is being sent to Service Line Mgt concerning this employee.

Issue: Veteran A received Veteran B's labwork results in the mail. The lab results contained Veteran B's name, address and protected health information (PHI). Update: 06/25/12:Veteran B will be sent a notification letter.NOTE: There were a total of 27 Mis-Mailed incidents…

Outcome: A Privacy Event Memo was sent through the Director to the Chief of Staff (COS) concerning this incident. The COS is expected to take action with correcting the mismailing of documents within the Service Line.…

Issue: Pharmacy notified the Privacy Officer (PO) that Veteran A received his medication and also received Veteran B's medication in the same bag. Veteran A at first did not notice it. Veteran A was on insulin when he was in the…

Outcome: Education was conducted in addition to continued quality reviews.

Issue: Veteran A was given lab results from the clinic staff at a Community Based Outpatient Clinic. That same day Veteran A realized that they were lab results of Veteran B also contained in the documents. Veteran A returned the documents…

Outcome: The Clinic staff have been reeducated about proper quality assurance measures when providing documents to patients.