VA Heart of Texas Health Care Network (VISN 17)

Issue: A Veteran complains that during the check-in process for his appointment at the Domicillary, he checked in and was provided a badge where the clerk had entered the location of his appointment Military Sexual Trauma (MST). The Veteran feels that…

Outcome: The employee who annotated the information on the badge was provided education on what is VA Sensitive Information by the Privacy Officer. The service AO has discussed this error with all clerical who perform this task. A notification letter has…

Issue: Upon being discharged from the Emergency Room (ER), Veteran A was given Veteran B's information. Update: 10/09/12:Veteran B will be sent a letter offering credit protection services due to full name and full SSN being disclosed.…

Outcome: Letter sent..education provided to all staff in the form of an email reminding staff to ensure information is disclosed (when applicable) to the correct Veteran.

Issue: Veteran A received an appointment letter that also contained a consultation request/appointment for Veteran B. Update: 10/04/12:Veteran B will be sent a letter offering credit protection services due to full name and SSN being disclosed.…

Outcome: The staff member that cause this error was provided education by the PO on the safegurding of VA sensitiive information and the topic was also addressed by the supervisor during two staff meetings. The credit letter has been forwarded to…

Issue: A VHA Without Compensation (WOC) Research Coordinator had her personal laptop and a Research voucher stolen out of her car. She had two VA Research database files on her personal laptop. The laptop was not encrypted. She was not authorized…

Outcome: VHA - Individual responsible has been suspended from any subject research activity for 10 days and will re-take Information Security/Privacy training. On the UTSHCSA side, disciplinary actions are still pending.

Issue: While conducting a walkthrough of the facility, the Privacy Officer (PO) discovered hardcopy personal information pertaining to two employees was left unsecured in a meeting room. The information was in the form of a progress note containing the full name,…

Outcome: The PO met with the Supervisor who failed to protect the sensitive information and PO provided education on the importance of safeguarding VA sensitive information in accordance with VA Handbook 6500. And to always secure and safeguard information from misuse…

Issue: A nursing station secretary received a call from a clerk in the VA Sleep Lab (name unknown) who stated: "Tell Employee/Patient A that his sleep study is scheduled for Saturday." Employee/Patient A is a Veteran and receives his care here…

Outcome: The Privacy Officer conducted an in-service to re-educate Staff on the proper disclosures of patient and/or other sensitive information. All staff were reminded of the proper disclosures of patient, or other sensitive information. A notification letter was sent to Veteran…

Issue: A Veteran said he received a phone call from the son of an employee. The son was apparently completing a school project and the employee felt the Veteran would be a good candidate to be interviewed by the son. Update:…

Outcome: Notification letter sent to Veteran. Employee education/action taken.…

Issue: Patient A received Patient B secure message. The messaged contained Patient B's name, date of birth and partial SSN. Update: 08/15/12:Due to Date of Birth being exposed, Patient B will be sent a letter offering credit protection services.…

Outcome: Employee received training.

Issue: Patient A received Patient B's medical records. The records included Patient B's name, address, date of birth, full SSN and protected health information (PHI) Update: 08/15/12:Due to full SSN and medical information being exposed, Veteran B will be sent a…

Outcome: Employee received additional training and was educated. Notification Letter Sent.…

Issue: While providing appointment assistance to Veteran A, the Medical Support Assistant (MSA) noticed that the Veteran was in possession of a complete clinic appointment list. The list contained the full name, SSN, telephone number and service connection percentage of Veteran…

Outcome: The PO investigated this incident and identified the area where this error originated. The PO has provided education to the staff and reminded them of the importance of protecting VA sensitive information.