Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Midwest Health Care Network (VISN 23)
184 results found from all sources. Sorted by date.
October 7, 2011
Reported as: VISN 23 St. Cloud, MN
Issue: Veteran A had an appointment with his medical provider. He left a pamphlet in the exam room. Folded inside the pamphlet were paper copies of his lab results. Veteran B had an appointment with the same medical provider. The nurse…
Outcome: The employee who sent the documents in error was advised that in the future, she needs to ensure the identity of the document owner rather than making the assumption that they belong to the last person in the exam room…
September 28, 2011
Reported as: VISN 23 Iowa City, IA
Issue: An outside agency reported receiving a fax from the VA facility regarding a prescription that was sent to them. The fax was sent to the incorrect fax machine number. The prescription and information pertaining to Veteran A included his full…
Outcome: Education provided to all staff by CBOC clinic Coordinator.
September 28, 2011
Reported as: VISN 23 Iowa City, IA
Issue: A Sensitive Patient Access Report was run on a Veteran who was a former employee who passed away. Employee names showed up on the report as potential unauthorizaed access to the medical records. The Privacy Officer (PO) investigated and asked…
Outcome: PO recommended action be taken. HR proposed 30 day suspension. Executive leadership removed proposed action and felt employee accessed record within her job duties.
September 28, 2011
Reported as: VISN 23 Iowa City, IA
Issue: A Sensitive Access monitor log reported a VA employee accessing a sensitive patient record. The Privacy Officer (PO) requested the employee to provide written justification for accessing the medical record. The employee indicated she accessed the record by mistake and…
Outcome: No violation found by privacy officer.
September 21, 2011
Reported as: VISN 23 Iowa City, IA
Issue: Veteran A reported receiving Veteran B's X-ray results in the mail with his own results. The note included Veteran B's full name and address along with the X-ray result information, The information was not returned to the VA but reported.…
Outcome: Awareness provided to volunteers by the Chief of Volunteer service.
September 20, 2011
Reported as: VISN 23 Minneapolis, MN
Issue: Two employees inappropriately accessed Employee C's medical record. Update: 09/20/11:Employee C will be sent a letter offering credit protection services due to full name, full SSN being accessed inappropriately.…
Outcome: Evidence sent to HRMS for disciplinary action.
September 16, 2011
Reported as: VISN 23 Iowa City, IA
Issue: Veteran A received Veteran B's lab results with their lab results. Veteran A returned Veteran B's lab results to the VA. The letter included Veteran B's full name, address, diagnosis and lab information. No 38 USC 7332 information was involved…
Outcome: Retrieval of letter. Talked to volunteers who send out letters.
September 13, 2011
Reported as: VISN 23 Omaha, NE
Issue: A insurance card buffer patient list was attached to a letter to another veteran. This list contained 10 individuals full names, and full SSNs Update: 09/13/11:Ten (10) Individuals will be sent letters offering credit protection services due to full name…
Outcome: Attached credit monitoring letter. Education/Training was given to staff.…
September 6, 2011
Reported as: VISN 23 Omaha, NE
Issue: A Provider left a folder with her patients' information on the top of her car at home and drove off and it blew off the side of the street. Two individuals in the public noticed them as they drove by…
Outcome: Sent redacted letters for promo codes. Disciplinary action along with education was given to the provider along with a meeting with myself and clinical staff regarding prohibiting the practice of bringing physical patient information home.…
September 1, 2011
Reported as: VISN 23 Iowa City, IA
Issue: The Information Security Officers (ISO) were looking through the Sensitive Patient Access Report and came across an employee accessing a Veteran/employee's chart. The ISO gave the report to the Privacy Officer (PO). The PO will follow up with the employee…
Outcome: One day without pay suspension.