Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Northwest Network (VISN 20)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on March 19, 2012. Also cited in 208 other reports.
Report ID: SPE000000073093, U.S. Department of Veterans Affairs
Reported Entity: VISN 20 Portland, OR
Issue:
Veteran A contacted the VA Health Resource Center (HRC) to complain he had received a statement in the mail from the Portland VA Medical Center addressed to him, but the credit card payment stub mailed with it belonged to Veteran B. The stub contained Veteran B's full name, current mailing address, credit card number, card company, card expiration date, and the payment due to VA. The stub is stamped "Declined Card". The reason for it being declined is not indicated.Veteran A mailed the documents to the HRC Privacy Officer who scanned the documents and envelopes into a PDF document and forwarded this information to the Portland VA Medical Center Privacy Officer. Update: 03/19/12:Veteran B will be sent a general notification letter.
Outcome:
Our Fiscal department has been made aware that this mistake occurred and they have already changed their process for mailing back declined payment stubs to add increased protection.