VA New England Healthcare System (VISN 1)

Issue: An employee of an on-site research institute is suspected of identity theft of approximately 150 VA employees. This affiliate has the individually identifiable information (III) of approximately 150 VA employees. Update: 01/11/13: At this time the incident must remain completely…

Outcome: Federal indictment for responsible employee. Credit monitoring letter mailed to 183 individuals that may be impacted.

Issue: A Veteran who is a resident in this facility completed a means test. He placed it in his residence drawer, which was locked, in his room. When his wife went to retrieve it, it was not there. The information also…

Outcome: This information was put in a locked drawer in patient room. The facility police was notified. Not sure who had access to key.…

Issue: A VA LPN found Veteran B's prescription information inside of Veteran A's prescription injection directions. The Privacy Officer (PO) will follow-up with Pharmacy to see how the incident occurred. The information disclosed included Veteran B's name, address and medication information.…

Outcome: Pharmacy Director notified staff of incident and requested that all staff verify documents before they are sent out to ensure that it includes only information for the intended Veteran.

Issue: Employee entered family member's medical record without a business reason. This was confirmed by the supervisor as a result of an internal same name audit conducted by the ISO. Update: 12/27/12:One family member will be sent a letter of notification.…

Outcome: Supervisor notified and employee retrained. HR also notified.…

Issue: A Nurse received a phone call from a Veteran stating that he received a letter in the mail with another Veteran's information stapled to it. It was requested that veteran mail information received back to the Privacy Officer at VA…

Outcome: HIPAA letter provided, education given to staff

Issue: A Veteran received someone elses paperwork with their lab work. It was reported by the Veterans daughter and will be mailed to the privacy officer. Update: 12/26/12:One Veteran will be sent a letter offering credit protection serviced due to full…

Outcome: Credit Monitoring Letter was sent out to Veteran. Training and awareness provided.…

Issue: A nurse called the Privacy Officer and reported that Veteran A received medication information for Veteran B. The Privacy Officer received paperwork from Nurse and met with Pharmacy. Update: 12/17/12:Veteran B will be sent a HIPAA notification letter.…

Outcome: Pharmacy Director notified staff of incident and requested that all staff verify documents before they are sent out to ensure that it includes only information for the intended Veteran.

Issue: A VA Clothing Room Employee accidentally gave Veteran A's inventory items to Veteran B. Items included clothing items as well as Veteran A's wallet.The wallet had license, credit cards, Social Security card. Veteran B has not returned the items and…

Outcome: the following changes have been made to prevent a recurrence:1.Only authorized staff will be allowed in the Clothing Room 2.The anteroom to the Clothing Room entrance will be made into a waiting area for Veterans who want to pick up…

Issue: A nurse left a voice mail message on a Veterans answering machine that contained medication information and diagnosis information along with follow up appointment. No release on file to leave verbal information pertaining to medications nor diagnosis. Update: 12/12/12:The Veteran…

Outcome: Education provided to all staf at staff meeting. HIPAA notification letter sent to Veteran.…

Issue: A "No show" reminder letter was mailed to the wrong Veteran. The Veteran who received the letter mailed it back to the Privacy Officer. Update: Veteran B will be sent a notification letter.…

Outcome: HIPAA notification letter sent and attached. Education provided to staff.