Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Phoenix VA Health Care System
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on August 21, 2014. Also cited in 102 other reports.
Report ID: PSETS0000108244, U.S. Department of Veterans Affairs
Reported Entity: PHOENIX AZ - 644
Issue:
On, 08/21/14, staff reports that another staff member accessed his Medical Record and/or Occupational Health record without his permission. The other staff member is in same department. He had previously requested a sensitive patient access report (SPAR) but could not provide this. Requested SPAR. Notification and investigation, pending.
Outcome:
09/15/14: Dialogue with Chief does not contradict the finding that this appears to be an unauthorized access. The access permissions were not set for the position despite prior functional category review and other similar duties to this date/time. No objective evidence to refute the SPAR showing unauthorized access. No other subjective reason offered why employee was in chart. In fact, employee indicates they were not in chart. Changed complaint to incident. 09/24/14: The Incident Resolution service Team determined that the employee will receive a HIPAA letter of notification.