Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Midwest Health Care Network (VISN 23)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on October 7, 2011. Also cited in 183 other reports.
Report ID: SPE000000067555, U.S. Department of Veterans Affairs
Reported Entity: VISN 23 St. Cloud, MN
Issue:
Veteran A had an appointment with his medical provider. He left a pamphlet in the exam room. Folded inside the pamphlet were paper copies of his lab results. Veteran B had an appointment with the same medical provider. The nurse who prepped the exam room found the pamphlet and assumed it belonged to Veteran B when in fact it belonged to Veteran A. The nurse did not see the folded lab papers and thought she was only mailing the non-sensitive informational pamphlet. Veteran B received the pamphlet in the mail and discovered the lab results paperwork and contacted the facility to report the issue. Update: 10/11/11:Veteran A will be sent a letter offering credit protection services due to full name and full SSN being exposed.
Outcome:
The employee who sent the documents in error was advised that in the future, she needs to ensure the identity of the document owner rather than making the assumption that they belong to the last person in the exam room as in this case, the documents had been there during multiple visits. The employee stated she understood and would take better care in the future to ensure identitiy is validated prior to communication. Documents sent in error have been retrieved and CM offer letter sent to affected Veteran.