Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Mid South Healthcare Network (VISN 9)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on January 18, 2012. Also cited in 328 other reports.
Report ID: SPE000000070788, U.S. Department of Veterans Affairs
Reported Entity: VISN 09 Nashville, TN
Issue:
On 01/10/12, Veteran A obtained copies of his medical records from Release of Information (ROI) at the Nashville Campus. Upon returning home, Veteran A realized he had also been given medical records which belonged to Veteran B. On 01/11/12, Veteran A returned Veteran Bs medical records to the Patient Advocate. On 01/18/12, the incident was reported to the Privacy Officer (PO). Veteran Bs personally identifiable information (PII) includes radiology reports and a nurse intra-operative report which contains Veteran B's full name, full social security number, and date of birth, address, diagnosis, and details regarding the radiology procedures. Update: 01/18/12:Veteran B will be sent a letter offering credit protection services.NOTE: There were a total of 9 Mis-Handling incidents this reporting period. Because of repetition, the other 8 are not included in this report, but are included in the "Mis-Handling Incidents" count at the end of this report. In all incidents, Veterans will receive a notification letter and/or credit monitoring will be offered if appropriate.
Outcome:
1/27/12 - Upon investigation, the Privacy Officer found the incident was due to a human error. On the day in question, there was one ROI clerk on duty and the volume of requests was enormous. Appropriate action has been taken regarding the ROI clerk. CM letter mailed to Veteran.