Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Mid South Healthcare Network (VISN 9)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on May 11, 2011. Also cited in 328 other reports.
Report ID: SPE000000062323, U.S. Department of Veterans Affairs
Reported Entity: VISN 09 Huntington, WV
Issue:
A resident left his patient lists in the snack bar of the facility. The Privacy Officer (PO) saw him in the snack bar at 7:00 AM on her arrival. The Information Security Officer (ISO) found the paperwork just after 7:30 AM so the documents were not out in the public for much more than 1/2 hour. There were 50 names on the lists and the lists included the last four digits of the SSN, ages, admission dates, and inpatient locations of the patients. There were also handwritten notes on some of the patients that included diagnoses, medical testing and medications. Update: 05/11/11:Due to the list being left unattended in a public area, the 50 patients will be sent a notification letter.NOTE: There were a total of 93 Mis-Handling incidents this reporting period. Because of repetition, the other 92 are not included in this report, but are included in the "Mis-Handling Incidents" count at the end of this report. In all incidents, Veterans will receive a notification letter and/or credit monitoring will be offered if appropriate.
Outcome:
The PO reminded the resident that documents containing personally identifiable information (PII) and protected health information (PHI) must be safeguarded at all times.