Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
U.S. Department of Veterans Affairs
Reported a breach of medical information involving at least 500 people to the U.S. Department of Health and Human Services, Office for Civil Rights; the report was received on September 20, 2011. Also cited in 336 other reports.
Report ID: MS001, U.S. Department of Health and Human Services, Office for Civil Rights
Reported Entity: VA Gulf Coast Veterans Health Care System
Issue:
The covered entity (CE), U.S. Department of Veterans Affairs (VA), Gulf Coast Veterans Health Care System, Biloxi Veterans Affairs Medical Center (Biloxi VAMC) reported that the office of an employee was vandalized. Paper files were found on the office floor, and the protected health information (PHI) of approximately 1,814 individuals was compromised. The PHI included full names, social security numbers, dates of birth, and medical diagnoses. The CE provided breach notification to HHS, the media and affected individuals. Following the breach, VA police at the facility reviewed procedures and continued foot patrols to ensure office doors are locked during non-business hours. The CE provided additional training to workforce members of the affected department on its physical security policies and procedures to improve safeguards for PHI. OCR obtained assurances that the CE implemented the corrective action listed above. \ \