Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Desert Pacific Healthcare Network (VISN 22)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on August 2, 2012. Also cited in 129 other reports.
Report ID: SPE000000078708, U.S. Department of Veterans Affairs
Reported Entity: VISN 22 Las Vegas, NV
Issue:
A Human Resources Management Service (HRMS) Program Specialist mistakenly sent an email addressed to two employees on the same email informing them that their resumes have been referred for consideration for a vacancy. Not only did both employees know the other one is also up for consideration for the same vacancy, but the email contained both employees resumes. Resumes included name, address, contact phone numbers, work experience, pay, grade/step and one resume contained the employee's full SSN. Update: 08/03/12:The employee whose SSN was disclosed will be offered credit protection services. The employee whose resume (without SSN) was disclosed will be sent a notification letter.
Outcome:
This is not the normal method of employee notification when their resumes are forwarded for consideration. Employee was educated by Privacy Officer, reminded to follow proper privacy protocols for notification. CM and notification letters uploaded and mailed on 8/3/12.