Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Sunshine Healthcare Network (VISN 8)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on November 27, 2012. Also cited in 369 other reports.
Report ID: PSETS0000082884, U.S. Department of Veterans Affairs
Reported Entity: VISN 08 Gainesville, FL
Issue:
An Operating Room file containing the schedule of operations for November 2012 is missing. The VA Police are investigating and the service is performing a search for the file. Update: 11/27/12:The area is access controlled and the VA Police have pulled the list of all employees who accessed the area over the weekend and they are interviewing the employees to ascertain the location of the file.12/03/12:The VA Police are still continuing the interviews. As of this update, the file has not been located. The facility is able to reproduce the list of Veterans that the file contained. Should this be determined a data breach, the count of affected individuals is as follows:1) 435 total affected individuals.2) 364 would receive letters offering credit protection services due to the full SSN being on the file.3) 71 would receive HIPAA letters of notification due to names and Protected Health Information (PHI) being on the file.12/11/12:This is a file folder (RCS 10-1 Item 112-2) which contained the surgical schedule for each day in November (Nov 1-21). As part of the mitigation plan, the service is currently trying to maintain this file electronically. VA Police and OIG are investigating.
Outcome:
Below are the additional security measures taken in the OR: 1. Completed rounds of the entire OR/PACU/SDSU to determine any possible unprotected PHI and evaluation of any process that potentially needed to be changed. 2. Lock installed for cabinet where surgery schedules are stored. Off tour book and all completed daily OR records/antibiotic tracking sheets are now locked in cabinet. Key on OR Key ring, turned into MAA desk after hours. 3. Measures and order for the Dutch door for the OR schedulers office completed. 4. ABG/Cath Lab door lock has been activated. It is on the same schedule as the OR front desk. Considering having the door on lock 24/7 due to the obscure location and inability to monitor all personnel that enter/exit through the door. 5. Schedule locked in cabinet in Anesthesia work room. 6. Developing an electronic method to maintain compliance with required Schedule of Operations File (RCS 10-1). 7. Removed entire SS# (last four only) from the OR schedules use only first initial of last name and last for on the surgeons preference cards sent to SPS. 8. All information regarding implants that have patient labels are placed under the locked door for the implant coordinator. 9. Worked with IRM to halt the automatic printing of orders in PACU. 10. Requested locks for the cabinets at the OR front desk . Per NF/SG Police Chief, OIG has determined that there is nothing further to investigate. Therefore the case is closed without identifying a suspect or recovery of the file. 326 Credit monitoring letters mailed, 60 HIPAA letters (name, last 4, and procedure), 4 HIPAA letters (name & procedure), 4 NOK letters mailed to affected Veterans or NOK.