Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Veterans In Partnership (VISN 11)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on January 18, 2013. Also cited in 213 other reports.
Report ID: PSETS0000084832, U.S. Department of Veterans Affairs
Reported Entity: VISN 11 Indianapolis, IN
Issue:
The Information Security Officer (ISO) was contacted by VA Social Work staff regarding a patients detailed personal information being faxed on 01/16/13, to the Hoptel. The Hoptel is a non-VA contracted hotel where VA outpatients from out of town can spend the night while receiving VA care. The Hoptel office manager contacted VA Social Work to report the incident. The Hoptel only requires the patients name to be faxed to the them (along with a VA signature/authorization), so they can reserve a room for the patient. However on 01/16/13, the entire cover sheet from the patients CPRS record (which includes patient name, SSN, DOB, address, phone and PHI) was faxed to the Hoptel. The Hoptel office manager was concerned that VA was providing the detailed personal health information , when it was not required.The ISO contacted the Hoptel office manager and the fax has been destroyed. Update: 01/18/13:VA has a contract with the Hoptel but it does not contain any security language. The patient will receive a letter offering credit protection services.
Outcome:
The VA Hotel staff have modified the process for creating hotel reservations for VA patients, so PII is not longer provided to the Hotel contractor. The PO sent a credit monitoring letter to VA Patient (redacted letter is attached to this ticket).