Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Midwest Health Care Network (VISN 23)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on February 16, 2011. Also cited in 183 other reports.
Report ID: SPE000000058466, U.S. Department of Veterans Affairs
Reported Entity: VISN 23 Omaha, NE
Issue:
Environmental Management Service (EMS) found a bag full of patient records including full SSN and protected health information (PHI) sitting in a trash bag liner in the hallway. They notified VA Police who contained the items in their investigative file. Police then notified the Privacy Officer (PO) and sent the PO copies of the documents. There appears to be around 45 VA patients' full SSN and PHI in the documents. Update: 02/17/11: Due to the fact that the trash was left unattended and there was full SSN and PHI,45 VA patients will receive a letter offering credit protection services. 03/16/11: There are now 94 VA patients' information found, and 18 patients from the affiliate university. A resident goes between the VA and the affiliate university hospital and brought a patient list from the university into the VA which was found in the trash bag. The patients from the affiliate hospital were found on a patient list report and included bed, patient name, medical record number, DOB, age, type, sex, provider, and admit date, but are not Veterans. The 94 VA patients will receive a letter offering credit protection services. The PO will advise the affiliate hospital of the fact that the 18 patients information was found so that the affiliate may offer credit protection to those patients.
Outcome:
Person responsible was found and educated/reprimanded. Credit monitoring letters sent out.