Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southwest Health Care Network (VISN 18)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on April 25, 2011. Also cited in 228 other reports.
Report ID: SPE000000061523, U.S. Department of Veterans Affairs
Reported Entity: VISN 18 El Paso, TX
Issue:
Veteran A reported and returned the copy of lab results that had been mistakenly included in his medical information which had been provided to him at the front desk of the Release of Information Section. Two pages of one lab results copy on Veteran B had been inadvertently included in the information provided to Veteran A. Veteran A, upon getting home and reviewing information provided to him, noticed that two pages of lab data were not his and returned the two pages to the Medical Record/Release of Information Supervisor and filed report of circumstances with the Supervisor of that area as well as with Privacy Officer - noting circumstances (as documented above) and verifying that he had not kept any data that was not his and explained that he was concerned about this error and wanted issue addressed and other veteran to be aware that he had returned the only copy back to the facility. Update: 04/25/11:The information disclosed included Veteran B's SSN and medical information. Veteran B will be sent a letter offering credit protection services.
Outcome:
Update - Notification letter and offer of credit monitoring completed for mailing to Veteran whose information was inappropriately disclosed. Copy of letter uploaded to NSOC/SPE ticket; requesting ticket closure based upon remediation and corrective action as documented above. Corrective action to address this issue was taken between 4/25/2011 and 06/18/2011 included: review of DSS-ROI procedures with front desk staff in ROI area, overview and emphasis with entire Medical Records staff during weekly meeting of privacy/confidentiality safeguards routinely utilized in processing of ROI requests; discussion and written reminders provided re: verification of every page of information prior to and during stamping of documents with EPVAHCS-confidentiality stamp and double check review - again of all documents) prior to providing to Veterans at front desk and/or via mail-out process. Accountability for accuracy and confidentiality stressed during discussion of this incident with staff as well as responsibility for safeguarding Veteran's data. Submitted: J Winstead, Privacy Officer EPVAHCS Note also that thank you letter provided to Veteran who provided report of issue and who also returned the other Veteran's copy of lab results. J Winstead, Privacy Officer.