Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Mid-Atlantic Health Care Network (VISN 6)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on August 2, 2011. Also cited in 187 other reports.
Report ID: SPE000000065319, U.S. Department of Veterans Affairs
Reported Entity: VISN 06 Durham, NC
Issue:
A VA form 10-5345 (release of information) was found unsecured in the mail room by VA Employee A. The release of information form included Veteran A's name and full social security number. VA Employee A brought the form to VA Supervisor B who gave it to the Privacy Officer (PO). It is undetermined how the release of information form got from the Community Based Outpatient Clinic (CBOC) to the VAMC but it was unsecured. It is also undetermined how long (or at all) the release of information form was out of VA control. Update: 08/02/11:Veteran A will be sent a letter offering credit protection services, due to full name and full SSN being exposed.
Outcome:
All mail room employees were reminded to place any unsecured patient health information in a VA envelope and give directly to the PO if uncertain where information should go. Also, CBOC staff have a process in place but will be reminded to utilize this process to protect the transmittal of patient health information.