Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Mid South Healthcare Network (VISN 9)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on March 9, 2011. Also cited in 328 other reports.
Report ID: SPE000000059363, U.S. Department of Veterans Affairs
Reported Entity: VISN 09 Lexington, KY
Issue:
Employee A sent a filled-out SF-182 (authorization for travel) to another employee (Employee B) instead of a blank form as intended. SF-182 contained name, SSN and DOB. Email was sent through PKI encryption. The information that was improperly disclosed was not the sender's or the recipient's information, it was Employee C's information. Update: 03/10/11:Due to wrong person receiving another Employees full SSN and DOB, Employee A will receive a letter offering credit protection.
Outcome:
Employee was re-educated about securing PII via email through encryption.