VA Healthcare - VISN 4 (VISN 4)

Issue: A Veteran received his appointment letter. Included with his letter were appointment letters for 4 other Veterans. The letters included the partial SSN and appointment information. Update: 05/09/11:The four Veterans will be sent a notification letter.…

Outcome: Staff involved with this incident were asked to re-take the VA Privacy and Information Security Awareness Course. Supervisor will also go over mail process and procedures with the staff members.…

Issue: The Imaging registration clerk printed a wrist band for Veteran A and placed it on his wrist. During the verification process, it was discovered the information on the wrist band was not Veteran A's but Veteran B. The wrist band…

Outcome: A Privacy Violation Memo has been sent to the Supervisor and Human Resources.

Issue: An employee's full name, service connection status, and medical information was reported on the Administrative Office of the Day Log which is distributed to approximately 75 medical center staff. The employee's date of birth or SSN were not displayed on…

Outcome: The employee is receiving a letter of reprimand for failure to safeguard employee/Veteran medical information.

Issue: VA employee left patient identification information in a public restroom. It included three patients' full SSNs and medical information. Update: 05/05/11:The three Veterans will be sent a letter offering credit protection services.…

Outcome: Training was conducted to all board members on the importance of securing sensitive Veteran information. The committee chairperson has taken the following steps to ensure patient identifiable information is secure: a. Information is sent electronically before the scheduled meeting to…

Issue: There was a prior privacy issue reported in March 2011 on the same employee and Veteran (father). The employee was reported to have accessed her father's medical record. The issue was handled with the Labor/Employee Relations Specialist. An updated sensitive…

Outcome: Employee suspension.

Issue: Veteran A received her appointment letter along with the appointment letters for Veteran B, C, and D. The appointment letters contain the Veterans' name, address, partial SSN, clinic name, date and time. Update: 04/15/11:Veterans B, C, and D will receive…

Outcome: Staff were educated to be more careful with mailings.

Issue: A Release of Information employee mailed records belonging to Veteran B along with the records of Veteran A in response to counsel's request for records of their client, Veteran A. Update: 04/14/11:Due to the full SSN and medical information being…

Outcome: Staff was provided training.

Issue: Veteran A and Veteran B's information was mailed to Veteran A. Veteran B's information included a letter and a copy of Compensation and Pension exam performed at VA. Veteran B's letter included his full name, full SSN and date of…

Outcome: Case re-opended to identify corrective action: Corrective action includied education to all staff.

Issue: The Privacy Officer (PO) received a call from the Human Resources (HR) office. Employee A from the kitchen called to inform them that another employee's (Employee B) notification of personnel action was placed in their electronic OPF. The HR department…

Outcome: This violation probably occurred four or five years ago. It may have been done by a contractor who is no longer with VA. The Human Resource Manager will provide reinforcement training so staff are better aware of the consequences of…

Issue: A VA employee who resigned on 03/18/11 and filled a complaint with the Merit Systems Protection Board (MSPB), sent her complaint with a list of patients' information including last name, last 4 digits of the SSN, medications and diagnoses. This…

Outcome: The Privacy Officer checked with Human Resources, the supervisor of the staff member who left and the doctor that signed the page containing the information and everyone denies that they gave the staff member a copy of the confidential information.…