VA Southwest Health Care Network (VISN 18)

Issue: On 5/22/2012, a nurse supervisor reports that Veteran A returned Protected Health Information (PHI) he received by mail for 2 other Veterans. He received his own materials as well. Veteran A returned the PHI for Veterans B and C on…

Outcome: Although reporting to PO was delayed, Nurse Supervisor took immediate action to investigate and remediate inappropriate mailing of Veteran PHI, upon discovery. She was not able to isolate the event to one person, although she believes she knows where, when,…

Issue: An employee accessed her son's electronic health record. Her son was a Veteran/employee. Update: 05/16/12:The Veteran/employee will be sent a notification letter.…

Outcome: Update provided by supervisor. Admonishment was proposed on 7/30/2012.…

Issue: Employee A accessed Veteran/employee B's medical record. Veteran/employee B is her spouse. Update: 05/16/12:Veteran/employee B will be sent a notification letter.…

Outcome: Employee received written counseling.

Issue: Veteran A reported that he received 19 pages of Veteran B's medication documentation from the Release of Information Office. Update: 05/15/12:Veteran B will be sent a letter offering credit protection services due to full name, address and date of birth…

Outcome: Supervisor proposed an admonishment & retraining.

Issue: This is an incident that was initially discovered by our ISO during an access audit. He found that a nurses access into other employee medical records looked suspicious. Upon further investigation, it was determined that she entered these records (because…

Outcome: The individual has had all computer access removed. She left employment. We notified each individual affected by this incident and provided additional training to staff..

Issue: Today, 05/02/12, the Pharmacy supervisor notified the Privacy Officer (PO) that a controlled medication Schedule II prescription was provided to Veteran B but was intended for Veteran A. This occurred yesterday, 05/01/12, when the medication was provided to Veteran B…

Outcome: Pharmacy notified clinic that Veteran did not receive medications, referral to them requested upon presentation. Further address Veteran address verification upon presentation requested in CPRS. Root cause was identified as human error in Pharmacy processing. Repeat error. Employee removing from…

Issue: An email from one of our physicians private email account was sent to other VA physicians private email accounts (as well as to one to VA account). The email contained the full name of 8 patients and the full name…

Outcome: Leadership provided additional training on how to appropriately safeguard information and send encrypted email. The affected Veterans were notified and offered free credit report monitoring.…

Issue: While investigating a privacy complaint the Privacy Officer (PO) ran a Sensitive Patient Access Report (SPAR) on Employee A. The SPAR showed that Employee B had accessed Employee A's Electronic Health Record (EHR) in July of 2011 and in December…

Outcome: Supervisor proposed Letter of Admonishment & retraining.

Issue: Labels containing patient information were found under a lid on an EKG machine and stuck to the frame around a patients pneumatic tube system. Two Veterans were affected by this event. The labels contain the Veterans' names, dates of birth,…

Outcome: Leadership has provided additional training to ensure this issue does occur again. The affected Veterans were notified and offered free credit report monitoring.…

Issue: The Pharmacy Supervisor contacted Privacy Officer (PO) to notify that a prescription for Veteran A went to Veteran B. Veteran B notified the Pharmacy that he received this on 04/23/12. He also received his correct medications. The Veteran cannot return…

Outcome: Secure arrangements were made for the return of the medication and Veteran information. Review of the pharmacy's protocols for dispensing medication were not followed by a staff member. Counseling and education regarding this protocol and the impact upon patient privacy…