Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southwest Health Care Network (VISN 18)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on February 1, 2012. Also cited in 228 other reports.
Report ID: SPE000000071316, U.S. Department of Veterans Affairs
Reported Entity: VISN 18 El Paso, TX
Issue:
Veteran A reported that he had received the lab results of Veteran B included in the appointment information mailed to his home address. Veteran A expressed concerns regarding mishandling and returned the original mailed envelope and lab results on Veteran B to the facility. The lab results included Veteran B's full name, date of birth, name of physician, and lab values, as well as full social security number. Update: 02/02/12:Veteran B will be sent a letter offering credit protection services.
Outcome:
03/16/2012 Update: Template letter and promo code for this ticket received; preparing explanation letter draft for Director's signature to be mailed to affected Veteran. Submitted: JWinstead, Privacy Officer EPVAHCS03/27/2012 Update: NSOC Ticket #71316 for closure per notification letter/credit monitoring offer letter per Director signature for Veteran A mail-out. Three pages of Veteran A laboratory results mistakenly placed in wrong envelope by nurse in Primary Care and mailed to incorrect address of Veteran B. All original documents returned to our facility from Veteran B, via PSA in Primary Care. Original documents provided to Privacy Officer per PSA and review of circumstances leading to this privacy breach documented. Laboratory results mailed out to correct Veteran A after review/fact-finding per PSA and Nursing Supervisor for Primary Care area and determination of responsible staff involved in mishandled mail-out and disclosure of personal health information. Corrective action included: re-training of staff re: accountability, step-by-step procedures prior to mail-out of medical information and in-servicing for staff re: labeling, mail-outs, and double checks required prior to mail-out. NSOC review affirmed privacy breach requiring Veteran notification and offer of credit monitoring to Veteran whose information was incorrectly mailed to another Veteran. Letter of thanks drafted for Veteran B who reported and returned the envelope and incorrect documents to our facility. recommend ticket closure based on mitigation, corrective action documented per above and uploading of redacted letter offering credit monitoring mailed to Veteran A. Submitted: JWinstead, Privacy Officer EPVAHCS