Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
South Central VA Health Care Network (VISN 16)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on January 3, 2013. Also cited in 317 other reports.
Report ID: PSETS0000084244, U.S. Department of Veterans Affairs
Reported Entity: VISN 16 Oklahoma City, OK
Issue:
In a Tell It To The Director letter a Veteran states that his now ex-wife accessed his records and read them without his permission. Divorce granted 8/15/12 according to The Oklahoma State Courts Network website. He states that she used the information in their divorce. Ex-wife is an employee at the VA and is in nursing. She is the nursing patient flow coordinator. At this point of entering the ticket, the Privacy Officer (PO) believes employee did not have a need to know or the need to enter Veteran's CPRS record. SPAR shows that the ex-wife accessed CPRS record on 07/30/12, 07/31/12 before the divorce was granted, the Veteran did not have any visits on those days. The ex-wife accessed the record again on 12/07/12. Veteran did have an ER visit on that day but again, the PO does not believe the employee should have accessed record. The PO is sending information to Associate Director, Patient Care Services and Supervisors for further investigation and review. Update: 01/03/13:One Veteran will be sent a letter of notification.
Outcome:
Employee took privacy and information security awareness, signed the rules of behavior and took privacy and HIPAA training. Employee was also referred to Human Resources for appropriate administrative action.