Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southeast Network (VISN 7)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on August 1, 2011. Also cited in 225 other reports.
Report ID: SPE000000065279, U.S. Department of Veterans Affairs
Reported Entity: VISN 07 Columbia, SC
Issue:
Veteran A received 11 pages of medical records, which were intended for Veteran B. Both Veterans have the same first and last name. When Veteran A discovered the error, he presented the medical records to the VA County Service Officer in Abbeville, South Carolina. To correct the error, the VA Service Officer mailed the medical records to Veteran B. After reviewing the documents, Veteran B forwarded a copy of the letter he received from the VA County Service Officer to the Dorn VA, Acting Medical Center Director. Veteran B expressed concerns of identity theft and requested credit monitoring. The request was assigned to the Privacy Officer for review. The Privacy Officer notified the Chief of Release of Information. After investigating the issue, it was discovered that on 03/23/11, a Release of Information (ROI) employee inadvertently mailed Veteran B's medical records to Veteran A. The information disclosed included Veteran B's full name, full social security number, address, protected health information (PHI), and the providers' names. Update: 08/01/11:The incident involved the compromise of only Veteran B's information. Veteran B will be sent a letter offering credit protection services.
Outcome:
Staff is being re-educated on the need to safeguard patient information.