Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Gulf Coast Veterans Health Care System
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on June 19, 2013. Also cited in 21 other reports.
Report ID: PSETS0000090830, U.S. Department of Veterans Affairs
Reported Entity: GULF COAST HCS - 520
Issue:
An employee sent Protected Health Information (PHI) for one Veteran to co-workers home email address and Facebook. The Privacy Officer (PO) was notified of this event by the employee's Service Chief. The PO will have the employee immediately delete emails and Facebook posts and have all recipients delete the messages and posts, as well. The PO will require Reports of Contact (ROCs) from all staff who received the emails or posts.
Outcome:
06/19/13: The information at risk included the Veteran's name and diagnosis. The information was posted on Facebook on 06/17/13 at 9:30 PM and was taken down after noon on 06/19/13. The Veteran will receive a HIPAA letter of notification.