Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southeast Network (VISN 7)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on March 30, 2012. Also cited in 225 other reports.
Report ID: SPE000000073532, U.S. Department of Veterans Affairs
Reported Entity: VISN 07 Tuscaloosa, AL
Issue:
On 3/30/12, a nurse practitioner (NP) reported that an appointment schedule list (print date 3/20/2012) containing the name of two veterans was missing from her desk. The schedule contained the veterans' full name, SSN, appointment information, service connection, and phone number. There was also documentation from an earlier phone visit with another Veteran on her desk that contained the full name and phone number. After completing an appointment with a Veteran, and exiting with Veteran, the NP closed the office door resulting in the door being locked. As the NP entered the office, she noticed that this information was missing from her desk. The Veteran that exited the office with the NP, was located and was asked if he had picked up the information. The Veteran replied that he did not have the information in his possession. The VA Police and Privacy Officer were notified. Each desk and garbage can in the area was searched and the information was not found. Update: 04/02/12:Two (2) Veterans will be sent letters offering credit protection services.
Outcome:
The Privacy Officer (PO) has recommended that the employee read and acknowledge the receipt of the "Clean Desk Policy" and the local Privacy Policy regarding Reasonable Safeguards attachment A, page 8. Upon completion, have the employee to sign and date an acknowledgement sheet for record. Supervisor: To disseminate the "Clean Desk Policy" and local Privacy Policy and have available for scheduled in-service be conducted by the PO. Attendance will be taken by the PO. The supervisor has involved Human Resources involving the disciplinary action(s) pertaining to this employee.Credit Monitoring Letters have been completed.