Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southwest Health Care Network (VISN 18)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on April 25, 2011. Also cited in 228 other reports.
Report ID: SPE000000061527, U.S. Department of Veterans Affairs
Reported Entity: VISN 18 El Paso, TX
Issue:
Employee A requested an audit log report for access to her electronic VistA records. She identified two co-workers (Employees B and C) whom she does not think should have accessed her records under any given circumstance. She is requesting an investigation in regards to those occasions in which those two employees accessed her records. Update: 04/29/11:The employee will be sent an offer of credit protection services.
Outcome:
07/11/2011 Update: Fact-finding conducted and results provided to Executive Leadership. Determination that lack of privacy/confidentiality safeguards in processing of Mental health sensitive diagnoses for Veteran-employee of facility Mental Health Service as related to fee-based consult referral process led to access of Veteran-employee mental health record by two fellow employees. Mitigation via provision of letter of notification and overview of fact-finding with Veteran-employee complainant. Corrective action via Chief, Mental Health and professional, clinical staff review of current processes with resulting review and recommendations via policy/procedures to be provided to Executive leasdership as appropriate. Redacted letter of notification/credit monitoring uploaded for ticket closure as per above corrective actions and fact-finding-mitigation. Submitted: JWinstead, Privacy Officer EPVAHCS