Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southeast Network (VISN 7)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on April 24, 2013. Also cited in 225 other reports.
Report ID: PSETS0000088442, U.S. Department of Veterans Affairs
Reported Entity: VISN 07 Birmingham, AL
Issue:
The Administrative Officer for Birmingham VA Medical Center (BVAMC) Mental Health Unit notified the BVAMC Privacy Officer (PO) that a clerk in the Mental Health unit provided Veteran A patient with the appointment listing for Veteran B. The appointment listing contains full name and last four of the patient's social security number and the upcoming visits scheduled. Update: 04/24/13:Veteran B will be sent a letter offering credit protection services.05/16/13:This was determined to be HITECH reportable by VHA Privacy Office.
Outcome:
Birmingham VA Medical Center (BVAMC) Privacy Officer (PO) contacted the service and requested the service to advise the clerk who inadvertently provided the wrong appointment listing that he/she is required to immediately re-take the HIPAA/Privacy training and provide certification of completion of training to the PO. Additionally, the Acting Associate Medical Center Director sent a memo to all BVAMC Service Chiefs requiring each service to submit an action plan addressing the service's plan for protecting patient health information.