VA New England Healthcare System (VISN 1)

Issue: On 04/26/13, a Call Center employee of the VA Maine Healthcare System had called the Privacy Officer (PO) regarding an incident in which Veteran A's results were mailed to the incorrect recipient. It was the recipient's caregiver who had discovered…

Outcome: Employee education has occurred.

Issue: Employee A entered a consult order for her son to obtain home services. Employee B who is the provider for the son went to order the same services and found they had been already ordered by his mother (Employee A).…

Outcome: Employee required to recomplete TMS training. Supervisor and Chief of Labor Relations, HR notified for further appropriate disciplinary action.…

Issue: An employee was identified through an internal audit as having accessed his wife's account. The employee vehemently denies doing so. As his wife is not a current patient, there was minimal information at risk. The employee lives at the same…

Outcome: Employee has completed privacy training. Notification letter sent.

Issue: A Tuition Assistance Program (TAP) Employee emailed the Privacy Officer (PO) 4/22/13 to advise that she received a call from Veteran A who had received Veteran Bs appointment letter along with his own. The information disclosed is Veteran Bs Full…

Outcome: Employee responsible was unknown as these letters may have been processed by machine through mailroom

Issue: Copies of a Veteran's medical record were sent to his father by a VA employee. It appears the employee may have mistakenly selected the wrong patient's record to copy. PO is investigating. Update: 04/15/13:The Veteran will be sent a HIPAA…

Outcome: Veteran has custody of information. Responsible employee required to complete release of information training. Responsible employee's supervisor informed for further appropriate disciplinary action. Notification letter mailed.…

Issue: Veteran A had received Veteran B Fee Basis Letter along with hers. Veteran B's name and Fee Basis information was at risk. Update: 04/09/13:Veteran B will receive a HIPAA letter of notification.…

Outcome: Letter sent to Veteran and employees of that department spoken to about being more careful when stuffing envelopes.

Issue: A VA employee found a patient list in the parking lot at 6:45 AM this morning and gave it to the Privacy Officer (PO). The list was dry and in perfect condition indicating that it was recently dropped. Update: 04/15/13:Four…

Outcome: Employees were reminded not to remove patient information.

Issue: An employee sent Veteran A's information to Veteran B. Update: 04/08/13:Due to full SSN and medical information being exposed, Veteran B will be sent a letter offering credit protection services.…

Outcome: Information secured. Responsible employee counseled and required to re-complete privacy and security awareness and ROB training. HR Chief of Labor Relations and Supervisor notified for further action if required.…

Issue: Employee self reported that she had processed an Advance Directive with the wrong Veteran identifiers. Veteran As information was on the form. Veteran B signed the form thinking it was his. Veteran B was asked to return the Advance Directive.…

Outcome: Employee was educated and realized her mistake and will always check to make sure fields are not filled in prior to working her next advanced directive

Issue: Patient A had hernia surgery on 03/14/13 and Patient B had shoulder arthroscopy. On 03/14/13 both had the same RN on the discharge note. The facility is unsure if the wrong discharge instructions were given to Patient B, but it…

Outcome: Employee was re education on needing to take more time to ensure correct Veterans information is on paperwork.