Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southwest Health Care Network (VISN 18)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on August 13, 2011. Also cited in 228 other reports.
Report ID: SPE000000065727, U.S. Department of Veterans Affairs
Reported Entity: VISN 18 Prescott, AZ
Issue:
VA Employee/Veteran complaint is that supervisor demanded the VA Employee/Veteran's Medical file. The VA Employee Veteran handed it over in fear of losing his job. The medical records were then disclosed to a Human Resource Officer without the Veteran/employees consent. The records were handed back to the Veteran/employee by the Human Resource officer. Update: 10/17/11:Veteran/Employee A will be sent a notification letter.
Outcome:
Veteran/employee medical records along with 7332 information were disclosed in January of 2010 without a written release from the Veteran/employee. Based on th P.O. inquiry this constitutes a breach. The inquiry was full of inconsistencies. Suggestion was to conduct an AIB as sometimes the truth can be better obtained when the witnesses are under oath. The Privacy Officer also suggested re-training in privacy of the Service Chief and the HR Specialist with sanctions left up to the SLM of the department & HR Manager.