Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Northwest Network (VISN 20)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on January 30, 2012. Also cited in 208 other reports.
Report ID: SPE000000071196, U.S. Department of Veterans Affairs
Reported Entity: VISN 20 Boise, ID
Issue:
The Privacy Officer received a packet of medical records that were returned to the VA. When the package was examined, it was noticed it had been opened then retaped and returned to the VA. The package contained records for Veteran A, however the package was addressed to Veteran B. It was discovered that Veteran B would then also receive Veteran A's information. The mistake was made by the Release of Information clerk. Update: 01/31/12:Veterans A and B will be sent letters offering credit protection services, as their full SSN and medical information were disclosed improperly.
Outcome:
Credit Monitoring letters sent 2-2-2012 to 2 Veterans. Employee was educated and will retake Privacy/HIPAA training and provide copy of signed certificate.