VA Mid South Healthcare Network (VISN 9)

Issue: Employee A sent a filled-out SF-182 (authorization for travel) to another employee (Employee B) instead of a blank form as intended. SF-182 contained name, SSN and DOB. Email was sent through PKI encryption. The information that was improperly disclosed was…

Outcome: Employee was re-educated about securing PII via email through encryption.

Issue: Patient A and Patient B were seen at the Chattanooga Community Based Outpatient Clinic (CBOC). On the day of the appointment, Patient A and Patient B left before seeing the clinic nurse. Patient A later received the medication reconciliation list,…

Outcome: 3/18/11 - The mis-mailed document was due to a human error and the nurse in question has been counseled regarding the importance of protecting a Veterans Personal Identifiable Information (PII). Additionally, the Privacy Officer confirmed the mis-mailed document was returned…

Issue: Two patients (Patient A and Patient B) with the same name; their medications were mixed up & Patient A received the Rx package of Patient B. Update: 03/02/11:Patient A will receive a notification letter due to PHI being exposed.…

Outcome: Employees reminded of the need for caution when handling documents with PII

Issue: In November 2010, Patient's A's prescriptions were given to Patient B at the pharmacy window (Nashville campus). Patient B realized the error after he arrived home and contacted his provider. Incident was not reported to Pharmacy until February 2011 via…

Outcome: 3/28/11:The Privacy Officer thoroughly investigated this concern and found the incident was due to a human error. The pharmacy has taken additional measures to check medications prior to leaving the pick-up window and made arrangements to retrieve your medication from…

Issue: In 2009, this employee/Veteran obtained a Sensitive Access Report on who accessed their CPRS/VISTA from 2006 thru portions of 2009. This was not reported to the facility PO at that time, however the Veteran, who is now an ex-employee reported…

Outcome: Appropriate action taken against employees involved.

Issue: Patient received another patients prescription package through the mail. When he discovered the error, he contacted the pharmacy & returned them. Update: 02/24/11:Patient will receive a letter of notification.…

Outcome: Employees reminded of the importance of safeguarding PII.

Issue: On January 14, 2011, Veteran was seen in the VA ER (Nashville campus). Staff placed an armband on Veteran which contained her full SSN.Veteran lost the armband at VA and is concerned about identity theft. Issue was reported to PO…

Outcome: 3/17/11 - Privacy Response ltr and Credit Monitoring letter mailed to Veteran today. Per the PO's findings:The use of the full Social Security number for armband identification purposes is an issue which is being discussed nationally and at our VISN…

Issue: On February 15, 2011, Patient A was seen at Chattanooga CBOC. Upon completion of the appt, Patient A was given instructions which included a list of medications. After leaving the clinic, Patient A reviewed the instructions and noted he had…

Outcome: The nurse responsible has been counseled regarding the importance of protecting Veteran's PII.

Issue: PO was notified of the following privacy issue by BA Program Manager, VHA Health Information Access Office:Patient A (Cookeville CBOC veteran) received lab results for Patient B mailed by CBOC LPN (a contract employee covered by national BAA). Patient A's…

Outcome: 2/25/11: Per Chief, Compliance Officer (national BAA) , error in mailing appears to be an issue of matching printed laboratory results with pre-addressed envelopes. From this date forward, no diagnostic testing results will be routinely mailed unless specifically requested by…

Issue: The author of a note accidentally copied another patient's (Patient A) name, SSN & DOB into a note for a different patient (Patient B). This note was released to an area hospital. Update: 02/16/11:Patient A will receive a letter offering…

Outcome: Physician reminded of the need for caution when creating notes;