Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Mid-Atlantic Health Care Network (VISN 6)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on September 25, 2012. Also cited in 187 other reports.
Report ID: SPE000000080488, U.S. Department of Veterans Affairs
Reported Entity: VISN 06 Beckley, WV
Issue:
On 09/25/12 the Beckley VAMC mailroom manager called the Privacy Officer (PO) stating that he received a phone call from someone at united parcel service advising us that a package that was mailed from our facility was damaged or destroyed and that he would email the mailroom manager with claims information. After determining who mailed the package from the Beckley VAMC, the PO talked to the employee in the cashier's office and he was able to tell me what information was in the package that was damaged or destroyed. There was one personal check of a Veteran's showing his full name, wife's full name, their address, their telephone number, and his last 4 digits of his SSN. There was one cashier's check that a Veteran had endorsed to us and the only personally identifiable information (PII) on the cashier's check was his full name. In addition, there was a Beckley VAMC check for deposit which would indicate our account number. Update: 11/28/12:This was not the fault of VA. No VA data breach occurred, however since it involved a personal check with the Veteran's account information, the Veteran will be sent a genereal notification letter.
Outcome:
No violation of security and/or privacy standards has been found. Nevertheless, one Veteran's check, with his and his wife's full name, address and telephone number, was destroyed by UPS. This Privacy Officer does recommend that this Veteran receive notification of that his check was destroyed.Correction 10-25-12: This event should be reclassified as a Privacy breach. This information was damaged by UPS and had to be destroyed. Although the information was shredded by UPS, one Veteran's personal check with his, and his wife's name, address and phone number on it, was destroyed. The Veteran should be notified of this so that he can adjust his personal checking account to reflect that this check is non-negotiable since it has been destroyed.