Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA New England Healthcare System (VISN 1)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on January 20, 2012. Also cited in 204 other reports.
Report ID: SPE000000070885, U.S. Department of Veterans Affairs
Reported Entity: VISN 01 Manchester, NH
Issue:
A Veteran employee requested a copy of who accessed his medical electronic records. Once he received the list he questioned the access of four employees on the list. The Privacy Officer (PO) will investigate the reason for these employee accessing his records. The medical record contains the Veteran employee's name, full SSN and protected health information (PHI). Update: 03/02/12:After investigation, the Privacy Officer found out of 4 employees only one had a legitimate reason to be in his records. One employee can recall why she went in his record. Another employee was in the wrong package to look up his telephone number (should have been in VIST under telephone number). The last employee cannot remember why he would go into this record. The PO is waiting for the employee to come back to work to discuss my findings.
Outcome:
The Privacy Officer talked with all employees on the importance of not going into an employee's records without have the authority to do so. The PO asked if all employees have taken their Privacy training. The PO also talked with all Supervisors of these employees asking them to discuss this with their employees the importance of not entering an employees records without the proper authority.