Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southwest Health Care Network (VISN 18)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on May 22, 2012. Also cited in 228 other reports.
Report ID: SPE000000075874, U.S. Department of Veterans Affairs
Reported Entity: VISN 18 Phoenix, AZ
Issue:
On 5/22/2012, a nurse supervisor reports that Veteran A returned Protected Health Information (PHI) he received by mail for 2 other Veterans. He received his own materials as well. Veteran A returned the PHI for Veterans B and C on 5/17/2012.The nurse supervisor had set up fact finding interviews with identified staff for 5/23/2012. Reminded of timely breach reporting. Further notification and investigation to ensue. Update: 05/23/12:Veterans B and C will be sent notification letters due to PHI being disclosed.
Outcome:
Although reporting to PO was delayed, Nurse Supervisor took immediate action to investigate and remediate inappropriate mailing of Veteran PHI, upon discovery. She was not able to isolate the event to one person, although she believes she knows where, when, how, and who was involved. She created a new system to hard-wire correct mailings of test results to Veterans. This consists of highlighting the names on reports and staff initialing of the sent reports. This will prevent errors and create accountability if mis-mailing ever were to occur. Re-education regarding this issue and the importance of test result quality controls via mail will be emphasized at their next staff meeting.