Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Midwest Health Care Network (VISN 23)
184 results found from all sources. Sorted by date.
May 10, 2011
Reported as: VISN 23 Minneapolis, MN
Issue: A clinic manager mailed letters with the full name, full SSN, and date of birth (DOB) on a label attached to the envelopes. These were returned by the USPS as not a good delivery address. Update: 05/10/11:Two patients will be…
Outcome: Sent to HR for action. Employee is required to retake privacy training.
May 9, 2011
Reported as: VISN 23 Minneapolis, MN
Issue: Clinic clerks discussed a veteran who had been in the local paper charged with a crime as being enrolled in the clinic in which they worked. This was overheard by a patient and daughter in waiting room. Update: 05/12/11:Veteran A…
Outcome: Sent to HR for disciplinary action for both employees. Required to re-take privacy training.
April 29, 2011
Reported as: VISN 23 Omaha, NE
Issue: A clerk put Veteran A's medication letter in an envelope mailed to Veteran B. Veteran A sent the letter back to the VA and it was sent it to the Veteran B. The letter contained Veteran B's full name and…
Outcome: HIPAA notification letter sent out. Staff educated on importance of double checking correspondence and envelopes.…
April 26, 2011
Reported as: VISN 23 Omaha, NE
Issue: The research department employee sent out a check to a research participant, however she put the wrong address on the envelope and it was delivered to the wrong address. The party who received it in error sent it back to…
Outcome: Added notification letter to this ticket. Education was given to staff regarding the importance of double checking correspondence and addresses.…
April 12, 2011
Reported as: VISN 23 Minneapolis, MN
Issue: An Employee/Veteran questioned the validity of a clinic supervisor having a business reason for going into his medical record. Update: 04/15/11:During the audit of this record it was discovered a coworker inappropriately accessed the record. The medical record includes name,…
Outcome: Sent to HRMS for disciplinary action. Employee will be required to retake Privacy Training again immediately upon receiving HR letter.
April 11, 2011
Reported as: VISN 23 St. Cloud, MN
Issue: Veteran A received Veteran B's medical results report because the wrong address was used. The report contained Veteran B's name, but had Veteran A's address. The letter also contained Veteran B's partial SSN and the results of his exam. Update:…
Outcome: The employee who had used the incorrect address when sending the medical reports was reminded to always validate they have the correct information before sending/giving/sharing any reports or results whether by mail or in person.
April 11, 2011
Reported as: VISN 23 Iowa City, IA
Issue: Veteran A reported receiving Veteran B's lab results in the mail. Veteran A shredded the information after reporting it to the VA. Update: 04/11/11:Veteran B will be sent a notification letter.…
Outcome: Brought to the Chief of Volunteer Service to educate volunteers who do the mail outs.
April 8, 2011
Reported as: VISN 23 St. Cloud, MN
Issue: Veteran A's Fee Referral Consultation sheet was stapled to the back of Veteran B's paperwork. When Veteran B discovered he was in possession of another Veteran's paperwork, he mailed it back to the medical center. The consultation included Veteran A's…
Outcome: All staff in the care unit where this issue originated were spoken with about the necessity of ensuring they are validating that the documents they are sending or giving to Veterans actually belong to them. They were educated about doing…
April 1, 2011
Reported as: VISN 23 Iowa City, IA
Issue: The VA mailroom was notified on 04/01/11 that a package was lost by USPS. The VA tracked the name and information in the package back to the release of information department. The package was a release of information request that…
Outcome: Uploaded credit monitoring letter. Form filled out and sent back to USPS to try and locate records. Brought to the Chief of Volunteer Service to educate volunteers who do the mail outs.…
March 30, 2011
Reported as: VISN 23 Minneapolis, MN
Issue: Prosthetics requests were provided to a Compensated Work Therapy (CWT) patient to take to Prosthetics. The CWT patient left the requests on an unattended cart in a public hallway. The requests were recovered by the Privacy Officer within 5 minutes…
Outcome: Counseling and education was conducted regarding use of CWT patients. Employee required to retake Privacy Training.