Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
South Central VA Health Care Network (VISN 16)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on April 15, 2013. Also cited in 317 other reports.
Report ID: PSETS0000087944, U.S. Department of Veterans Affairs
Reported Entity: VISN 16 Oklahoma City, OK
Issue:
A nurse took home medications of 5 Veterans with the medication label attached. The nurse recently is divorced and the ex-sister-in-law located the following in the home: Veteran1/Label 1 contained full name, full social, initial/last 4, gender, date of birth, diagnosis, dates of service and ward location. Veteran 2/Label 2 contained full name, last 4, ward location, and date of service (month/day only). Veteran 3/Label 3 contained full name, initial/last 4, diagnosis, ward location, and dates of service. Veteran 4/Label 4 contained full name, initial/last 4, ward location, and dates of service. Veteran 5/Label 5 contained full name, initial/las5 4, ward location, and dates of service. In addition, the following was found in the home: Veteran 6 documentation contained a memorandum with the subject of "Initial Peer Review Findings" contained the Veterans full name and full social security number. The memorandum also contained detailed health information regarding the Veteran including diagnosis and follow-up information. A progress note for the Veteran with note titled "Disclosure of Adverse Event Note - Institutional". This note contained dates of service, diagnosis, full name, full social, date of birth and full description of the adverse event. Veteran 7 documentation included doctor\xe2\x80\x99s orders contained medications, full name, full social, ward location, and date of service. Veteran 8 documentation included a memorandum with the subject line of "Notice of Payment on Medical Malpractice Claim" contained first initial of last name and last four of social. The body of the message contained Veteran Name and last four of social. Update: 04/15/13: Five Veterans will be sent a notification letter. And tthree Veterans will be sent letters offering credit protection services.
Outcome:
Privacy Officer educated employee. Nurse manager has educated employee and is sharing the education with all nursing staff on her unit.