VA Southeast Network (VISN 7)

Issue: Veteran A received his Birmingham VAMC medical records via mail per his request. Mixed in his records were 8 pages of Veteran B's records (lab reports primarily). Veteran A brought the medical record copies that were not his to the…

Outcome: Employee was counseled about incident and required to re-take the Privacy and HIPAA training.

Issue: A VA employee accessed a patient's record without a need to know: The VA employee stated there are many reasons that could be listed as to why an access would be found. There was an access on 12/22/09, 01/11/10 and…

Outcome: Employees have received appropriate training. Education concerning accessing Veterans records without a need to know provided. Employees retrained in privacy policy training with emphasis on record access. All appropriate information shared.…

Issue: On 12/1/2011, Veteran A contacted the Dorn Outpatient Pharmacy by phone to report an incident. The Veteran informed the Pharmacist that Veteran B's medication was inadvertently added to his medication package. The Pharmacist immediately entered a request for UPS to…

Outcome: The VA Chief of Police, VA Detective, and IG Office have been notified for futher investigation. Staff is being re-educated on the need to safeguard patient information.…

Issue: The Privacy Officer (PO) received a call from Regional Office Service manager this afternoon regarding offering credit monitoring letters to Veterans due to lost claim files. This is the first time the PO was notified of this incident. According to…

Outcome: Letters are being sent to veterans. Please close.

Issue: Veteran A called the Dorn VA Medical Center Mental Health Service to inform her provider that her "Care Partner" (cousin), received copies of medical records by mail, which were intended for the Veteran. The medical records were inadvertently mailed by…

Outcome: Staff is being re-educated on the need to safeguard patient information.

Issue: Veteran A's son called the Dorn VA Medical Center Release of Information Office (ROI) to inform them that his father received copies of medical reports by mail, which was intended for Veteran B. The reports were inadvertently mailed to Veteran…

Outcome: Staff is being re-educated on the need to safeguard patient information.

Issue: A contractor (business associate) working in the Fee Basis section at the medical center accessed a patients CPRS records without authorization. the patient called the Aternate PO to complain that her ex-partner told her the contractor looked in the patient…

Outcome: Individual was provided re-training steps, sanctions were applied to individual, made to retake Privacy trainingCM Ltr sent.

Issue: Caller contacted Release of Information (ROI) on 11/21/11 and spoke with staff member regarding package received at their place of business. ROI staff transferred caller to the Privacy Officer (PO). According to caller, a box of veteran files from CAVHCS…

Outcome: Spoke with C&P Supervisor regarding package labeling and the need to maintain strict safeguards on handling sensitive information. Requested this issue, communication and training is provided to staff duing staff-meeting (in-service).

Issue: A Veteran went to the release of information department (ROI) and completed a release form. She was told that the records would be mailed. Another Veteran received his records at the ROI counter right after the previous Veteran. When he…

Outcome: Provider has been educated and was required to re-take the Privacy Trng.Memo to HR sent.Ltr uploaded, closing ticket.

Issue: A supervisor accessed the patient inquiry application to obtain a home address to forward personal information to a Veteran. Update: 11/22/11:There was a policy violation. No data breach has occurred.12/13/11:On further investigation, the supervisor accessed an employee's patient inquiry file…

Outcome: The employee received training and awareness of the importance of accessing patient records.Employees have been educated/trained in awareness of the importance of accessing patient records.