Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southwest Health Care Network (VISN 18)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on April 16, 2012. Also cited in 228 other reports.
Report ID: SPE000000074233, U.S. Department of Veterans Affairs
Reported Entity: VISN 18 El Paso, TX
Issue:
Veteran presented to facility Privacy Officer with opened/torn UPS box which had been sent from facility Medical Record Section approximately a week and a half ago to home address of Veteran. Upon receiving the UPS box, Veteran noted that it had been torn/broken along one side and upon opening the rest of the box, noted that it was stuffed with 5 sets of brochures from the US Immigration and Customs Enforcement Agency - but there were no medical records in the box as had been previously requested. Veteran and facility Privacy officer spoke briefly with Supervisor for Medical Records Section who confirmed mailing label and return address information on the box - as correctly originating from the Medical Records Section. Also noted the Medical Records Section has no access to or copies of these ICE brochures - have no idea how/where these got stuffed in UPS box which originated at our facility. Veteran noted that UPS delivered this box to her home address on 4/3/2012 and that she brought the entire packet into me as facility Privacy Officer because she is concerned about copies of her medical record not being in the UPS box/not being delivered by UPS correctly. Update: 04/17/12: This is not the fault of VA, but since the Veterans full medical record is possibly compromised, he will be sent a letter offering credit protection services.
Outcome:
05/23/2012 Update: Fact finding completed by involved facility staff (Privacy officer, FSS Chief and mail Room Lead staff, medical Records/Release of Information Supervisor; and contract/account Representative for UPS courier service. Determination that packet of medical record was searched for at UPS facilities, in-transit logs reviewed, hub locations searched and UPS Account Rep provided documentation that package not found; determined lost in transit due to broken box. Facility Mail room and Medical Record staff reminded per responsible supervisors to always assure package integrity and security prior to delivery to mail room for UPS pick-up. Questions re: UPS national contract forwarded to VHA privacy office and national BAA Coordinator for review/input as UPS contract seems to be lacking in provisions for privacy/confidentiality as related to incidents of this nature. Executive leadership at facility informed of findings and letter offering credit monitoring and mitigation/fact-finding provided to affected Veteran over Director's signature. Ticket recommended for closure per uploading of redacted letter offering credit monitoring.