Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Northwest Network (VISN 20)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on November 28, 2012. Also cited in 208 other reports.
Report ID: PSETS0000082923, U.S. Department of Veterans Affairs
Reported Entity: VISN 20 Seattle, WA
Issue:
An employee has accessed a Veteran's medical record over 200 times from February 2011 to November 21, 2012, without a need to know or for treatment, payment or health care operations under the HIPAA Privacy Rule. The Veteran has a restrainiing order against the employee, and this order was in effect during the employee's most recent access to the Veteran's account on November 21, 2012. The Veteran has complained to the Service Line Leader and the VA Police, and both services are working in tandem with HR to investigate the Veteran's complaint and the employee's motive and rationale for accessing the Veteran's medical record. The Veteran has stated that she was also abused this employee, and that the VA Police have been investigating all of the incidents that have occurred over the past year. Update: 02/27/13:One employee will be sent a HIPAA notification letter.03/22/13:The Veteran has already been provided notification verbally. The Privacy Officer believes a written letter is not necessary since the Veteran has been verbally notified and has been communicating with the Privacy Officer and Medical Center management in order to resolve this issue.
Outcome:
Employee is under investigation by HR, Service Line and VA Police. Termination is highly probable at this point. Privacy Office investigation is complete.