The following press release was issued Nov. 22 and refers to a VA incident originally discussed in a previous blog entry.
Last month, the Oklahoma City VA Medical Center discovered a handwritten log book with 1,950 patients’ names and the last four digits of their Social Security numbers was missing from a respiratory laboratory.
After an extensive investigation, the VA Medical Center concluded that VA personnel most likely shredded the log in accordance with Veterans Health Administration (VHA) requirements for destruction of sensitive personal information, and it is doubtful that anyone other than VHA personnel had access to the log. Medical Center officials have no reason to believe any malicious activity was involved. To protect against future losses of personally identifiable information, the Medical Center has implemented a process to eliminate the use of handwritten logs unless they are specifically required for regulatory compliance.
In accordance with the requirements in the Health Information Technology for Economic and Clinical Health (HITECH) Act, the Oklahoma City VA Medical Center is sending notification letters about the situation to the Veterans whose names were identified as being in the log. In addition, the Veterans Health Administration will submit information about this breach to the Department of Health & Human Services for publication on its Web site.
Anyone concerned about identity theft issues may find more information on the Federal Trade Commission Web site, http://www.ftc.gov/bcp/edu/microsites/idtheft/consumers/consumer-publications.html
The Oklahoma City VA Medical Center continuously trains all employees about VA requirements for the secure handling and protection of Veteran patient information. VA is committed to protecting Veterans and their families and is constantly reviewing and improving systems designed to protect private information.
For more information, call toll-free, (866) 835-5273.
Source: Oklahoma City VAMC, Nov. 22, 2010