Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Healthcare - VISN 4 (VISN 4)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on April 3, 2013. Also cited in 239 other reports.
Report ID: PSETS0000087495, U.S. Department of Veterans Affairs
Reported Entity: VISN 04 Lebanon, PA
Issue:
Veteran A enrolled for health care at the medical center. The clerk placed Veteran A's demographic information into Veteran B's record. When Veteran B reported for a scheduled outpatient appointment and the clerk was verifying the demographic information with Veteran B, it was found that the computer system had Veteran A's information in the file. Computer Staff made corrective changes into the VISTA system to provide accurate information for both Veteran A and Veteran B. Update: 04/03/13: Veteran B was verbally asked demographic question of Veteran A's information. When asked those questions, it was then found that the information in our computer system was incorrect. 04/08/13: The employee asked specific questions of Veteran B, thus disclosing Veteran A's name, address, date of birth and full SSN. Veteran A will receive a letter offering credit protection services. 04/11/13: On 03/08/13, the enrollment clerk entered an enrollment application for a Veteran applying for care. This Veteran is Veteran A. When entering in Veteran A, who was applying for care at our medical center, she over rode a Veteran B's information in the system and wiped out demographic information for Veteran B. When Veteran A came in for a scheduled appointment on 03/29/13 at our medical center, she was verbally asked demographic information of Veteran B. Everything was verbal when the clerk was verifying all the demographic information. Nothing was mailed to either Veteran that included this information. The Privacy Officer (PO) was completing the credit monitoring letter to inform Veteran B of the privacy violation, and discovered Veteran B is deceased. Veteran B's next of kin (NOK) will receive a NOK letter. NOTE: There were a total of 24 Mis-Handling incidents this reporting period. Because of repetition, the other 23 are not included in this report, but are included in the "Mis-Handling Incidents" count at the end of this report. In all incidents, Veterans will receive a notification letter and/or credit monitoring will be offered if appropriate.
Outcome:
Enrollment staff were reminded on the importance of safeguarding patient health information and reviewing computer information. AMG