VA Sunshine Healthcare Network (VISN 8)

Issue: In addition to his own test results, Veteran A also received Veteran B's test results in the same envelope. Veteran A contacted the Director's Secretary about the problem who in turn notified the Privacy Officer. Veteran A has been instructed…

Outcome: Pitney-Bowes contractor alerted, along with Service chief. Mailroom personnel asked to fan/flip paper prior to machine insertion, per contractor.

Issue: A Veteran went to Release of Information to get copies of her records. The staff provided those and unfortunately copies of another patient's pathology reports. Report contains the Veteran's full name, full SSN, and medical pathology information. The Privacy Officer…

Outcome: It was determined that the employee involved was fulfilling one request, when the employee stopped what she was doing, due to the result of a printer jam. The error occurred when the employee was attempting to print records for a…

Issue: A Veteran reported receiving exercise papers and found patient information on the back of the instructions. The information contained two Veteran's full name, full SSN, and appointment information. The Privacy Office will further investigate. Update: 04/06/12:Two Veterans will be sent…

Outcome: The employee involved was counseled and steps to prevent similar occurrences were undertaken. The employee involved re-took Privacy and Information Security training. Credit Monitoring Letter mailed to the two affected Veterans.…

Issue: A VA employee requested a Sensitive Patient Access Report (SPAR). He then requested justification of access by two employees within his service. Update: 04/04/12:The employee will be sent a letter offering credit protection services due to the inappropriate access and…

Outcome: Service Chief has conducted a fact finding. Appropriate administrative action has been delivered to the two employees. No justification of access to the employee's medical record. Per the SPAR and communication with the Service Chief, he has stated that these…

Issue: A clerk in Release of Information inadvertently uploaded Veteran A's electronic record to the Social Security Administration for Veteran B's social security benefits . Update: 03/28/12:Veteran A will be sent a letter offering credit protection services.…

Outcome: A credit monitoring letter was mailed to the Veteran affected by the incident. The clerk in Release of Information was counseled by supervisor and provided additional training. The employee will apply additional safeguards when uploading patient sensitive information for any…

Issue: A medical resident room was left unsecured with progress notes left in the room. This was discovered by the Environmental Management Service Chief and turned over to the Privacy Officer. Update: 03/28/12:Six (6) Patients will be sent letters offering credit…

Outcome: Service Chief counseled the physician and prepared PowerPoint for residents to better understand how to create list/documents using CPRS functions. Service Chief has arranged to present at affiliated med school on HIPAA and Privacy issues.

Issue: A Veteran/Employee was brought to the Emergency Room (ER) for treatment. A text message was sent by another employee, to another VA employee, disclosing the diagnoses and the person's name who was admitted. Update: 03/28/12:The Veteran/Employee will be sent a…

Outcome: The PO met with the Veteran /employee (patient). The employee informed the PO that she requested to be transferred to another VA for privacy reasons. She requested a SPAR. Senior Management has been informed and a fact finding is to…

Issue: A clerk gave Veteran A an appointment slip belonging to Veteran B. Veteran A did not realize the mistake until a week later when reporting for an appointment. Update: 03/26/12:Veteran B will be sent a notification letter.…

Outcome: Unable to identify individual. Clinical supervisor will address document verification at staff meeting.

Issue: Veteran A received Veteran B's treatment plan progress note at inpatient hospitalization discharge. The note contained Veteran B's full name, full SSN, date of birth and medical information. The Privacy Office will further investigate this matter. Update: 03/20/12:Veteran B will…

Outcome: Employees involved were counseled and steps to prevent similar occurrences have been under taken. Privacy and Information Security training re-taken by employees involved. Credit Monitoring Letter mailed to affected Veteran.…

Issue: A patient received five other patients letters along with his own from the doctor with test results. The letters contained full name, full address and medical information. Update: 03/19/12:All five Veterans will be sent a HIPAA notification letter.…

Outcome: Chief of service notified and training was provided to employee by Privacy Office and awareness of checking the information many times before putting into an envelope and mailing.