Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southwest Health Care Network (VISN 18)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on April 29, 2011. Also cited in 228 other reports.
Report ID: SPE000000061806, U.S. Department of Veterans Affairs
Reported Entity: VISN 18 El Paso, TX
Issue:
A Veteran received an envelope stuffed with 7 other Veterans' medical information via mailed envelope to his home address. Upon receipt he noticed that 7 other Veterans' information included in the envelope, called the facility and spoke to the Post Service Officer (PSO) Supervisor and made arrangements to return entire packet to facility Privacy Officer. The Veteran hand delivered the packet to the Program Support Assistant (PSA) Supervisor in Primary Care, who in turn provided it to the facility Privacy Officer. The 7 printouts were from CPRS and had the "Work Copy - Not for Medical Record" written on them. The print outs included full patient name, last 4 digits of SSN hand printed into bottom left corner and printed as custom letter with medical, diagnostic, and lab results information had all been stuffed in small envelope and sent to this Veteran. The return address was designated "002 PC". Update: 05/02/11: The 7 Veterans will receive a letter of notification.
Outcome:
06/15/2011 Letters of notification prepared, mailed out to 7 Veterans whose information was inappropriately mailed to Veteran who reported incident. Appropriate explanation of mishandling, and facility corrective action noted in this letter. Redacted copy of NSOC notification letter uploaded to SPE/NSOC ticket with recommendation for ticket closure based upon corrective action as noted above and letters of mail-out letter of notification to affected Veterans. Additionally, thank you letter also provided per Privacy Officer/Director to the reporting Veteran - thanking him for appropriate notification to facility privacy officer and support of privacy practices for our Veterans/giving us opportunity to improve services. Submitted: J Winstead, Privacy Officer EPVAHCS 06/15/2011 Redacted letter of Notification uploaded. Recommend/request ticket closure per above noted corrective action and per required notification provided to affected Veterans. J Winstead, Privacy Officer EPVAHCS Update per Chief, HAS noted that entire issue of mail-out and accountability for specific processes as related to this incident were reviewed with staff in the responsible Clinic area. Corrective Action per Chief, HAS - documentation noted that the responsible Supervisor for the Primary Care Clinic MSA Staff has instructed all of the MSA staff to insure that they verify all documentation prior to mailing it out. Because of coverage and filling of vacant positions by variety of MSA personnel, cannot identify which MSA actually mailed out this packet incorrectly - but all of the staff were re-instructed on the proper requirements for mailing out information.