Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Great Lakes Health Care System (VISN 12)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on November 9, 2011. Also cited in 130 other reports.
Report ID: SPE000000068493, U.S. Department of Veterans Affairs
Reported Entity: VISN 12 North Chicago, IL
Issue:
QTC Medical Services (QTC), a VBA contractor, mailed VHA and DoD information from the Captain James A. Lovell Federal Health Care Center (FHCC) to their offices. It was boxed at Lovell FHCC and moved within two rooms in a VA Outpatient Clinic (OPC). Logistics moved 24 boxes from the OPC to the warehouse, however only 23 boxes were scanned and picked up by FEDEX. The missing box was searched for but not found. The box contained information on Veterans including their name and full SSN. Update: 11/10/11:According to the Information Security Officer (ISO), the missing box contained VBA,VHA and DoD Data. The facility are pulling together a report to provide specifics counts.11/14/11:QTC has identified 14 patient charts (containing full SSN) which are believed to be missing. They were not boxed by QTC we do not have validation that all the boxes (24) were delivered to the Warehouse. FEDEX says they only scanned and shipped 23 of the supposed 24 boxes. Therefore 14 patients will receive a letter offering credit protection services.
Outcome:
The credit monitoring letters have been mailed. The contractors involved no longer have access to VA/DoD medical records. They will continue to receive information for the exams they provide for the Benefits Delivery at Discharge Program directly from VA Regional Office. All FHCC personnel are aware of proper procedures for shipping sensitive information.