Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Beckley VA Medical Center
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on May 5, 2014. Also cited in 22 other reports.
Report ID: PSETS0000103698, U.S. Department of Veterans Affairs
Reported Entity: BECKLEY WV - 517
Issue:
On 5/5/14 at 8:30 a.m. a Release of Information (ROI) department employee stopped by to tell the Privacy Officer (PO) of a privacy incident on a Veteran's protected health information (PHI) in MyHealtheVet. This privacy incident occurred with VA Form 10-5345a being signed by a daughter of the Veteran who does not have Power of Attorney (POA) on 09/07/12 for all available electronic personal health records. The form said access to all available electronic personal health information via My HealtheVet (MHV) account. This document stated "All prerequisites for In-Person Authentication have been satisfied, including MHV training." It appears that this signed form was faxed to the ROI department. Then the ROI department sent to MHV Coordinator who authenticated the form. Now this daughter who does not have POA has all PHI about her father, the Veteran, via MyHealtheVet. A different daughter has POA and was wondering how her sister was finding out information about their father, the Veteran. There is a lot of turmoil/dissention between the two sisters.
Outcome:
05/05/14: The Incident Resolution Team has determined that Veteran A will be sent a HIPAA notification letter due to Protected Health Information (PHI) being disclosed.