VA Midwest Health Care Network (VISN 23)

Issue: A Veteran reported receiving another Veterans lab results in the mail. The lab result letter included the Veteran's full name, address and test results for lab. The Veteran will return the results via mail to the Privacy Officer (PO). Update:…

Outcome: PO sent an email to the volunteer coordinator to educate volunteers. Retrieval of letter.…

Issue: A VA employee delivered education materials to an affiliate employee. Included in the materials was a letter to a patient. The letter was a reminder to schedule an appointment. The letter included the patient full name, and address on it.…

Outcome: Ordered a separate printer so patient information will not get mixed in with educational material.

Issue: An employee was leaving a patient's house for home oxygen treatment and loading up the truck. He set a piece of paper with the patient's Personally Identifiable Information (PII) on the side of the truck, forgot the paper was there,…

Outcome: We are starting to transport in locked bags and only using the last 4 of the SS# on the forms they transport.

Issue: An information package was provided to Patient A upon admission. The patient's wife found a Patient Care Concern Form within the package that had Patient B's label (name, SSN, DOB) on it. She turned it in to the nursing station.…

Outcome: Provided education to staff. Instructed staff to use a clean desk policy while putting together packets.…

Issue: A letter regarding containing a surgery pre-operative patient education note intended for Patient A was sent to Veteran B . The Veteran sent the letter back to the VA. Update: 04/25/12:Due to full SSN and medical information being disclosed, Patient…

Outcome: Taked to Surgery Supervisor who is going to discuss with her staff the importance of patient privacy and mismailing

Issue: Veteran A's lab results letter was sent to the Veteran B. The letter was sent back to the VA. The letter contained Veteran B's name, address, medications and lab results. Update: 04/23/12:Veteran B will be sent a HIPAA notification letter.…

Outcome: Education given to department.

Issue: A VA employee reported finding a sheet of computer printed labels with one Veteran's full name, DOB, and full social security number on it. The information was lying by the front entrance of the hospital. The information was picked up…

Outcome: Unable to determine who or where these labels came from.

Issue: Patient A notified the VA that he had received a medication that belonged to Patient B. Patient A was sent a return envelope and has returned the medication for Patient B. Patient A returned the medication to the VA. This…

Outcome: Retrieval of medication

Issue: A VA Clinic medical laptop was left unsecured in a room with public access. The laptop had no VA image, no VA security, and no VA account authentication. The laptop used a generic non-password protected account. The hard drive was…

Outcome: An IT Help Desk Ticket has been entered to have the laptop encrypted, pending installation of the encryption by IT Service Delivery and Engineering (SD&E).

Issue: A VA employee reported a privacy incident regarding a patient receiving a MyHealthe Vet in-person proofing form to process by a clinic team. The patient was given the paperwork on another Veteran. The paper work included the Veterans full name,…

Outcome: Email sent to the supervisor to educate staff on incident.