VA Health Care Upstate New York (VISN 2)

Report ID: SPE000000069872, U.S. Department of Veterans Affairs

Reported Entity: VISN 02 Syracuse, NY

Issue:

The Privacy Officer (PO) was notified by the Patient Centered Care Coordinator that Patient A had given him copies of medical records that he had received in the mail in error on Patient B from the Release of Information (ROI) Office. The Patient Centered Care Coordinator stated that Patient A had requested copies of his own records of which he received but had also received a package with Patient B's records that were released on the same day as his own The records were given to the Privacy Officer for corrective action. Upon review, the Privacy Officer identified that Patient A had received 61 copies of medical records for Patient B that included Patient B's full name, full SSN, address, date of birth, diagnoses, procedures, medications, imaging tests, and labs. No 7332-protection information was involved. It appears from reviewing the package that the response letter for Patient A's request for his medical records was on top of the response letter and records for Patient B, and therefore were mistaken for Patient A's medical records. The Health Information Management Service (HIMS) Manager notified and will re-educate ROI Clerks on the requirement to conduct a second identity check before mailing patient records and will also update the ROI SOP to include this requirement. Update: 12/21/11:Veteran B will be sent a letter offering credit protection services.

Outcome:

HIMS/ROI Supervisor re-educated the ROI clerk on the requirement to confirm the patient's identify before releasing the records. In addition, the HIMS Manager submitted a request to HR for disciplinary action due to previous privacy violations due errors made by this ROI clerk. Lastly, the Privacy Officer ensured that Patient B received a copy of the records he had requested and went to Patient A in error.