VA Sunshine Healthcare Network (VISN 8)

Report ID: SPE000000074130, U.S. Department of Veterans Affairs

Reported Entity: VISN 08 San Juan, PR

Issue:

A Prosthetic purchasing agent was going to the Cooperative Bank around 2:45 PM, when she saw a blue folder that was left in a bank near the elevators of the basement. When she opened the blue folder she saw documents from a Research Study, including an Interfacility Consult (IFC) with the personally identifiable information (PII) of Veterans, and documents belonging to a Non VA Contractor. Since she was able to read the name of the Principal Investigator, she hand carried it to her. Later, around 3:50 PM the Study Coordinator (SC) in charge of the folder reported the Privacy Incident involving one patient . The SC had misplaced a blue folder which had the signed International Classification of Diseases (ICD) (original and copy) of subject. It also contained the SC VAF 10-10EZ Application for Health Benefits (original) for that VA Contractor employee. the information at risk included the Veteran's name, full SSN and protected health information (PHI). Update: 04/16/12:The Veteran will receive a letter offering credit protection services.

Outcome:

The information was returned by Employee A to Employee B. Both VACHS employees and contractors were required to safeguard documents containing personal identifiable information (PII) and protected health information (PHI) as stated in Privacy Policy CM No. 00-11-15 Responsibility Clause IV.L.(2&3) and Reasonable Safeguard Clause 4.0(d) on Attachment B. PO recommended appropriate disciplinary actions to both employees for violations of VHA Privacy Policies and Procedures.

Related Reports:

3 other violations reported on the same date. Note that other citations may be about the same event: SPE000000074089, SPE000000074126, SPE000000074127