Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Muskogee Regional Benefit Office
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on August 1, 2014. Also cited in 54 other reports.
Report ID: PSETS0000107347, U.S. Department of Veterans Affairs
Reported Entity: MUSKOGEE OK - 351
Issue:
While reviewing the document in question (VA Once User Guide) on the GI Bill Website, an employee discovered that sample information in the guide contained Veteran protected health information (PII). The employee verified that the information was actual PII by searching for a file in SHARE using the "sample" information in the document, consisting of full name and social security number. Information was originally thought to be fictitious; however upon cross-checking information with VA system SHARE it was discovered to be actual Veteran PII. One incidence was discovered involving full name and full social; and nine examples of full name only, with VA systems showing records of multiple Veterans with those same name(s). Previous Related Event: A similar finding regarding PII in this document on the GI Bill Website was previously reported on 07/21/14 to Education Services and ticket #R2993804FY14 was opened. On 07/24/14 it was reported that the link to the document on the GI Bill website had been removed pending sanitization of PII from the document.
Outcome:
08/04/14: The Incident Resolution Service Team has determined that the Veteran whose name and full SSN were disclosed will be sent a letter offering credit protection services.