VA New England Healthcare System (VISN 1)

Issue: Veteran A received the appointment letters for 3 other Veterans and returned them to the Patient Advocate. The letters contained the name, address and medical information for the three Veterans. Update: 08/06/12:The three Veterans will receive a letter of notification.…

Outcome: Referred to supervisor for corrective action, the documents was returned to the VA and destroyed.

Issue: Employee posted picture of nursing home Veteran on her Facebook page. PO in receipt of printed Facebook pages with the photo. Veteran's name is not mentioned in posting, but it does mention that the picture is one of her patients.…

Outcome: Employee is fully aware of her wrongdoing. Supervisor will work with HR regarding disciplinary actions that will include employee re-taking privacy and information security training. PO will draft notification letter for Veteran. All User email sent out 9/4 reminding employees…

Issue: Veteran A received in the mail prescription medication information sheets that were for Veteran B. Veteran A mailed them back information to Privacy Officer. Update: 07/26/12:Veteran B will be sent a notification letter.…

Outcome: Pharmacy staff given additional guidance about verifying documents before they are sent out to ensure that envelopes only include information for the intended veteran.

Issue: Veteran A received an appointment letter for Veteran B. The letter contained Veteran B's name, address, full SSN and appointment information. Update: 07/26/12:Veteran B will receive a letter offering credit protection services.07/31/12:An appeal was filed. The DBCT reviewed and granted…

Outcome: We received the appointment letter back and it was given to the Supervisor for corrective action.

Issue: An VA Employee called Veteran A for follow up. Veteran A reported that he received a paper with the name and SSN of Veteran B when he left our facility. Veteran A confirmed that he destroyed the information. It has…

Outcome: PO directed employee to re-complete privacy and security training and National ROB and send the certificate by COB Friday, July 27, 2012. Supervisor and HR notified.…

Issue: The Mail Room staff dropped of a sealed envelope with a Bedford VA return address that was processed by the US Postal Service. The envelope had no addressee and was unopened. However, on the front of the envelope was the…

Outcome: Research staff confirmed that this envelope was provided to the hospitals admissions clerk who then was to place the envelope in a combination-locked safe in the Urgent Care area. Apparently, this envelope did not make it into the safe and…

Issue: A Primary Care nurse reported to the Privacy Officer (PO) that Veteran A was given Veteran B's medications. The Privacy Officer picked up the medication bag and prescription bottle and returned them to Pharmacy. The Patient Safety Nurse was also…

Outcome: PO spoke with Pharmacy Chief about incident. Pharmacy Chief will remind all staff to be vigilant in filling out prescription orders.…

Issue: The Information Security Officer (ISO) ran a sensitive flag report and forwarded information to be review to the leadership. After review, one employee was asked why they accessed another employee's record. In the past this employee had a relationship with…

Outcome: The Supervisor of the employee is going to Human Resources to get guidance on action to this individual. The Privacy Officer has recommended that the employee retake Privacy training.…

Issue: Veteran called the MyHealTheVet Service desk and stated that while he was logged into his profile, the site would display the information and profile of another Veteran. The system allowed the 2 Veterans to create accounts with the same username.…

Outcome: My HealtheVet accounts (2) deactivated requiring both Veterans to contact the Help Desk to create a new User Name and reactivation of accounts. CM leeter sent to Veteran B due to the fact that Veteran A was able to view…

Issue: A Veteran called the Privacy Officer (PO) and explained that he received his medical information in the mail from the Release of Information (ROI) office and it was opened. The envelope was not sealed so anyone could open it and…

Outcome: Spoke with employee on the process - to double check envelopes before putting in mail bin for mailing. The Veteran mailed the information that was sent to him unsealed and it never was received by the PO, so I changed…