Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Tennessee Valley Healthcare System
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on April 21, 2015. Also cited in 104 other reports.
Report ID: PSETS0000118424, U.S. Department of Veterans Affairs
Reported Entity: NASHVILLE TN - 626
Issue:
A billing statement was returned undeliverable. Upon investigation, the Privacy Officer (PO) found the Veteran had a convoluted address in the system which consisted of two addresses combined into one. A portion of this address matched that of the Attorneys Office. The PO contacted the Veteran and confirmed his address. The PO notified the Supervisor, Business Office (BO), Murfreesboro Campus, who corrected the address in CPRS. The Supervisor, BO, Murfreesboro Campus, is unable to determine how the entry error occurred as the system is not set-up to accept the combined address.
Outcome:
04/21/15: The Incident Resolution Service Team has determined that while there was an unauthorized disclosure of information (name and address), the Personally Identifiable Information (PII) involved, does not meet the criteria to require credit protection services or HIPAA notification.