Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Northwest Network (VISN 20)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on March 27, 2012. Also cited in 208 other reports.
Report ID: SPE000000073406, U.S. Department of Veterans Affairs
Reported Entity: VISN 20 Portland, OR
Issue:
A Veteran's VA Provider contacted the facility Privacy Officer to discuss the Veteran's desire to revoke authorization he had signed allowing his mother and father from communicating with his providers about his treatment. The Veteran will be submitting a written request to revoke his authorization. The Privacy Officer checked the medical record access log for this Veteran because of the confusion surrounding access to his information and discovered that his VA employee step father had accessed his record on two occasions since January of this year. The Veteran's record does not indicate he has been treated in his step father's department during this time so he likely did not have a need to know. Update: 03/28/12:Veteran A will be sent a notification letter.
Outcome:
The employee has been counseled by the Privacy Officer and department Supervisor regarding our requirements for accessing a Veterans medical record. There will be follow-up reviews of the access to the Veteran's chart to verify there is no further access to the record.