Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Northwest Network (VISN 20)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on October 12, 2011. Also cited in 208 other reports.
Report ID: SPE000000067646, U.S. Department of Veterans Affairs
Reported Entity: VISN 20 Portland, OR
Issue:
A Campus Police Officer at the affiliate University that is physically attached to the VA Medical Center found 5 folded pages containing information about current VA surgery patients. The papers were on the ground in the hallway outside a busy campus cafeteria at approximately 10:00 AM on 10/10/11. The Officer secured the documents and filed an incident report with the University's Information Security Officer (ISO). The ISO contacted the local VHA Privacy Officer (PO) about the incident and turned over the documents. The pages contain the full names, last 4 digits of the SSN, and medical information regarding the patient's type of surgeries and medications they were on at the time. A few non-Veteran patients are included on the spreadsheets, but it appears there are approximately 60 Veterans listed. The Privacy Officer is looking for the surgical staff who were working on the 10/10/11 holiday weekend to determine who may have lost the paperwork. Update: 10/13/11:Notification letters will be sent to 57 Veterans and 6 University patients.
Outcome:
The facility Chief Health Information Officer and Privacy Officer will be meeting with the Chief of Operative Care to discuss what options exist to allow residents to track the status of the patients without leaving the facility with the information or with minimal paperwork if possible.