Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southeast Network (VISN 7)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on April 11, 2011. Also cited in 225 other reports.
Report ID: SPE000000060792, U.S. Department of Veterans Affairs
Reported Entity: VISN 07 Charleston, SC
Issue:
Veteran A received multiple Veterans' documents in an envelope mailed to him. Veteran A had not requested any copies of his own records. Veteran A is concerned that his information may have been sent to others. The Privacy Officer (PO) is waiting for the documents to be sent by courier from the clinic. Once information is in hand, the PO can determine how many Veterans are involved and hopefully how event occurred. Update: 04/14/11: According to the PO, two Veterans had Personally Identifiable Information (PII) disclosed including name, address, home telephone, Medicare number, DOB and Protected Health Information (PHI) that included medications and diagnoses. The third Veteran's information consisted of name and date of birth. The documents in the envelope were from outside sources, i.e., Trident Health System, Intrepid Healthcare Services, and Carolina Home Health. Even though the material was not VA data the VA mailed the documents to the wrong Veteran. Therefore three (3) Veterans will receive a letter offering credit protection services.
Outcome:
Privacy Officer unable to determine the employee responsible for this breach. Material mailed out in a VAMC envelope with no return mail code. Privacy Officer will continue to stress privacy policies at all staff meetings and New Employee orientation (NEO).