Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Northwest Network (VISN 20)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on April 11, 2011. Also cited in 208 other reports.
Report ID: SPE000000060757, U.S. Department of Veterans Affairs
Reported Entity: VISN 20 Portland, OR
Issue:
Employee A has reviewed the access log to her VA medical record and noted that a co-worker has accessed her record without her authorization or need to know. She reports that this same co-worker has accessed Employee B's medical record without a need as well. Update: 04/11/11:Employee A and B will be sent letters offering credit protection services.
Outcome:
The employee who accessed the records has been counseled that she did not have a need to know in these instances. The employee signed a memo acknowledging that she received this counsel from the Privacy Officer and her supervisor. The results of fact finding are being provided to human resources. The employee has already retaken the LMS online Information Security and Privacy Web modules.