Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Phoenix VA Health Care System
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on May 23, 2013. Also cited in 102 other reports.
Report ID: PSETS0000089748, U.S. Department of Veterans Affairs
Reported Entity: PHOENIX AZ - 644
Issue:
On 5/23/13, the Principal Investigator (PI) of research study reported that two photocopied informed consent forms that had previously been sent for scanning to CPRS in December, 2012 had not yet been scanned to the patients' charts. PI stated the forms were sent by interoffice mail, using a privacy envelope. PI subsequently hand-carried replacement copies to the scanning department. Per the PI, the scanning department does not know the location of the original copies sent for scanning in December. Preliminary investigation shows PHI at risk is: full name, full SSN, and participation in the research study. There is no evidence the papers left the VAMC, but their whereabouts are unknown. Root cause appears to be that research teams are required to send paper documents to the scanning room in another building, exposing documents to loss in transit through interoffice mail or hand carry across the parking lot. Further investigation and remediation to follow.
Outcome:
05/24/13: Both Veterans will be sent letters offering credit protection services. 05/31/13: One of the documents was found in the office of the intended recipient. Only one Veteran will be sent the credit monitoring offer.