VA Southeast Network (VISN 7)

Issue: Veteran A called to report that she received a one page copy of Veteran B's Emergency Department MD Discharge Instructions in her stack of discharge papers. The document contained Veteran B's full name, DOB, full SSN, future appointments, as well…

Outcome: Document recovered. Incident investigated by PO and Nurse Manager and most likely occurred due to the provider removing the documents from the printer and not reviewing them with the Veteran/patient prior to disclosing. The proper procedures for releasing discharge instructions…

Issue: Veteran/employee A has submitted a written complaint that his physical medical record is missing. The employee previously submitted a request for a copy of all three volumes and was told that they could not be located. Various areas of the…

Outcome: Records unable to be located. The likelihood of the records being removed from the facility is low, but this cannot be confirmed. The records would have been used by the medical center staff only, and not accessed by patients or…

Issue: An employee reported that she sent an email that was intended for a VA employee; however, the email somehow ended up being sent to a Veteran's personal email address. The Veteran emailed the employee back indicating that it was sent…

Outcome: The ISO advised the employee that this could have been avoided if the email were encrypted and instructed the employee to delete the unencrypted email from her inbox and deleted items folder.

Issue: Veteran A filed a privacy complaint with Staff Assistant to Deputy Network Director. She reported that her primary care physician at Greenville Outpatient Clinic (GOPC) discussed her medical information with her sister, Veteran B. Veteran B is also treated by…

Outcome: Letter signed by Director mailed to Veteran today indicating that investigation did not reveal that her medical information was inappropriately disclosed by CBOC Primary Care Clinic physician. Copy of letter attached.…

Issue: Patient provided a written statement to the Birmingham VA Medical Center (BVAMC) Privacy Officer (PO) that he left his non-VA medical records at the BVAMC Blue Clinic several months ago. Patient further states the receptionist at the BVAMC Blue Clinic…

Outcome: Chief, Business Management Service (BMS), Birmingham VA Medical Center (BVAMC), discussed the missing records with the physician and staff at the BVAMC Blue Clinic. All areas were searched for the missing records, but said records were not located. A credit…

Issue: A Patient's wife called the Director's office to inform the medical center that she and her husband came in to Release of Information (ROI) department to get copies of his medical records. When they got home and opened the envelope,…

Outcome: Supervisor has counseled staff and will evaluate for disciplinary recommendations. Staff are up-to-date on training.…

Issue: The Privacy Officer (PO) received an email at 9:51 AM this morning from the Compliance Officer stating that she found documents on a table by the elevator on the second floor of the VAMC at 4:15 PM on 11/02/12. The…

Outcome: The PO could not prove who left documents in second floor elevator lobby. The Veteran received procedure on the fourth floor and transferred to third floor for observation. His wife was given paperwork pertaining to his upcoming visits but stated…

Issue: A husband and his spouse are both employed at this VAMC. The wife (works in HR) received an email from an employee complaining about another HR employee's lack of assistance with her workers compensation claim. In the email, the employee…

Outcome: Employee is currently on authorized absence. Due to other issues, Supervisor is conducting an investigation and submitting a report for the Director's review/decision. Privacy Officer has no idea how long before the final determination will be made.…

Issue: An Atlanta VAMC employee who is a patient at the Augusta VAMC reported to the Augusta Privacy Officer (PO) that a co-worker inappropriately accessed her medical record without authorization after they had an altercation in the workplace. Augusta PO was…

Outcome: Staff has been retrained and required to retake the Privacy trng. Supervisor will evaluate for disciplinary action.…

Issue: Patient A presented to the Birmingham VA Medical Center (BVAMC) Patient Advocate that he had received an appointment listing of patient B which contained full SSN and full name of Patient B. The appointment listing was turned over to the…

Outcome: Credit monitoring letter mailed to patient. Supervisor of employee notified. Employee to re-take privacy training and forward certificate of completion to Privacy Officer. Privacy Officer requested to attend next staff meeting of service for brief presentation on privacy.…