Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Rocky Mountain Network (VISN 19)
134 results found from all sources. Sorted by date.
September 19, 2011
Reported as: VISN 19 Salt Lake City, UT
Issue: Employee A accessed another Employee B's electronic Veteran medical record, once in 2005 and once in 2009. Update: 09/19/11:Employee B will be sent a letter offering credit protection services, since their full SSN and date of birth were accessed.…
Outcome: This employee was issued a disciplinary action on 5/3/11. On 6/30/11, this employee voluntarily retired from the VHA. Credit monitoring letter sent to employee's home address on 9/20/11. Redacted copy of Credit Monitoring letter sent to the VAIRCTMailbox on 9/22/11.…
September 7, 2011
Reported as: VISN 19 Sheridan, WY
Issue: Veteran A received correct medication with incorrect medication labeling of Veteran B. The Veterans have the same first and last name - but middle name is different. The labeling has Veteran B's name and address and was promptly returned to…
Outcome: Education will be provided to the offending employee by the pharmacy chief regarding checking paperwork before it is placed in bags for mailing.
August 30, 2011
Reported as: VISN 19 Sheridan, WY
Issue: A medication intended for Veteran A was mailed to Veteran B. The label had the Veteran A's name but was addressed to Veteran B. The medication was not narcotic and was returned promptly to the pharmacy when mistake was discovered.…
Outcome: The Assistant Chief and Chief of Pharmacy will be counseling the pharmacy techs on mailing procedures, because there is no way to determine which tech was responsible for the mis-maiing. They are looking into a change in process that will…
August 16, 2011
Reported as: VISN 19 Cheyenne, WY
Issue: Medical records were released without 7332 specific authorization. The 7332 information was not redacted. Update: 08/16/11:The individual whose 7332 information was sent unredacted will be sent a notification letter.…
Outcome: Employee received proposed reprimand 8/30/11. Employee received reprimand 9/12/11.…
July 29, 2011
Reported as: VISN 19 Fort Harrison, MT
Issue: On 07/19/11, a VA employee faxed a copy of a CPRS consult and prosthetic purchase order to a fax number thought to have been a prosthetic vendor, when actually it was to a private citizen. The private citizen notified the…
Outcome: Education given to employee. Chief of Prosthetics changed procedural requirements to reduce amount of faxing.…
July 11, 2011
Reported as: VISN 19 Denver, CO
Issue: VA Police Staff found unsecured patient health information (with full SSN and name) documents on check-in clinic counter in a public access area. Update: 07/18/11:Due to the fact that the information was unsecured in a public area over 24 hours,…
Outcome: PO provided education to staff. Credit monitoring letter sent out.…
July 1, 2011
Reported as: VISN 19 Denver, CO
Issue: VA Police conducted a foot patrol around the medical center during off business hours and found unsecured printed documents containing individually identifiable information. Update: 07/01/11:The papers were routing slips that had 58 Veterans' full SSN on them. The 58 Veterans…
Outcome: The Privacy Office recommends education on reasonable safeguard practices for the employees who work in this area. Employees were reminded to lock up documents containing personally identifiable information (PII) or protected health information (PHI) after their shift.Fact Finding with employees…
June 24, 2011
Reported as: VISN 19 Fort Harrison, MT
Issue: A two sided document containing personally identifiable information (PII) and protected health information ( PH) for 13 patients was found outside the facility on the grass between the stairwells. An IT Specialist immediately gave it to the Information Security Officer…
Outcome: Education given to nursing staff regarding proper disposition of the nursing census report-- shred at end of the tour of duty.
June 22, 2011
Reported as: VISN 19 Fort Harrison, MT
Issue: Date of event and date discovered: 6/22/11 Issue: VA clinical employee with authorized access, created a CPRS progress note for 2 Veterans. An additional signer was selected from the "Identify Additional Signers" dropdown box that was the wrong recipient (the…
Outcome: We have no control over the "Additional Signer" data base that is used for CPRS. So, education was given to ALL staff to use caution and pay attention to the names that pop up on the additional signer drop down…
May 20, 2011
Reported as: VISN 19 Cheyenne, WY
Issue: Two patient checked in to the ER within minutes of each other. Both patient were given the wrong routing slips. Both patient viewed the other personal identifying information. The information contained full SSN, full name, medical information, and DOB. Update:…
Outcome: Supervisor wrote a SOP stating how each case was to be handled. MSA and Nurse are to verify every patient and routing slip belongs to the individual prior to handing them to the patient and before doing any documentation in…