Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Mid South Healthcare Network (VISN 9)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on July 29, 2011. Also cited in 328 other reports.
Report ID: SPE000000065259, U.S. Department of Veterans Affairs
Reported Entity: VISN 09 Memphis, TN
Issue:
Family member of Veteran A reported that Memphis VAMC mailed information to her father-in-law via his home address and when the information was received, it contained Veteran B's records. She stated that when she read through the record, she saw the full name and full SSN of the Veteran B as well as information pertaining to his immediate family member. The complainant stated she is a paramedic and has been trained in HIPAA Privacy Rule so the VA should investigate this complaint to prevent it from happening again. Update: 09/21/11:Veteran B will receive a letter offering credit protection services.
Outcome:
Credit monitoring letter has been mailed out to the affected Veteran. This case is considered closed as of 10/4/2011. PO drew Release of Information Staff attention to this incident. All the staff were present and were advised to pay close attention to any package they mail out to Veterans just to be sure it contains information meant for only the recipient. Each of the staff examined copy of the form that was accidentally mailed out to another Veteran. However, none of them could identify the individual who may have mailed this out. In the end, they all agreed that this issue raises privacy risks so there is need for them to pay close attention in their work process to avoid this incident from happening again.