Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Northwest Network (VISN 20)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on August 13, 2012. Also cited in 208 other reports.
Report ID: SPE000000079122, U.S. Department of Veterans Affairs
Reported Entity: VISN 20 Portland, OR
Issue:
Veteran A requested her records on CD from the Portland VA Medical Center Release of Information Office but was mistakenly given Veteran Bs records on CD. The CD contained 64 pages including Veteran B's full name, address, full SSN, medication lists, immunizations and progress notes. Veteran A reported the error to the Privacy Officer (PO) and handed over the CD. She stated that she only looked at the first couple of pages. The CD was out of VA control for 3 days. Update: 08/14/12:Veteran B will be sent a letter offering credit protection services.
Outcome:
The office that created the CD has discussed the process in which allowed the incorrect information to be burned to the CD disclosed. The employees have been instructed to use a separate process to prevent this error from being repeated.