Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Eastern Kansas Health Care System - Dwight D. Eisenhower VA Medical Center
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on October 6, 2014. Also cited in 13 other reports.
Report ID: PSETS0000110059, U.S. Department of Veterans Affairs
Reported Entity: EASTERN KANSAS HCS(Topeka-Leavenworth) - 589A6
Issue:
During a Vista sensitivity log review (on Oct 3rd), the ISO detected that an employee accessed a chart in CPRS of a patient that had the employees same last name. ISO verified with the supervisor to determine whether the employee was related to the patient. Supervisor stated that the veteran was the employees son. The supervisor states that the employee accessed her sons record because she thought it was ok since her son asked her to. Supervisor is in the process of contacting HR for administrative action.
Outcome:
10/06/14: The Incident Resolution Service Team has determined that Patient A will be sent a HIPAA notification letter due to Protected Health Information (PHI) being disclosed.