Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southwest Health Care Network (VISN 18)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on November 8, 2012. Also cited in 228 other reports.
Report ID: PSETS0000082164, U.S. Department of Veterans Affairs
Reported Entity: VISN 18 Phoenix, AZ
Issue:
Veteran A reports receiving an envelope from Veteran B containing Veteran A's information. Veteran A reported this to staff in the Eligibility office and returned the papers to the Eligibility staff, stating he thought Diamond Clinic had mistakenly given his information to Veteran B. Eligibility reported the incident to Alternate Privacy Officer (PO) promptly upon discovery. The preliminary investigation by Alternate PO found both Veterans were seen on 11/01/12 but that Diamond Clinic did not see Veteran B. Veteran B was seen by GI clinic, and the breached information was a consultation for Veteran A sent to GI clinic. It is therefore likely that Veteran A's paperwork was accidentally included with Veteran B's paperwork in GI clinic. Investigation to continue. Update: 11/09/12:Due to full SSN and medical information being exposed, Veteran A will be sent a letter offering credit protection services.
Outcome:
Chair of clinic where breach occurred determined root cause to be inattentive handling of consult note by clerks. Corrective action to educate clerks on importance of clean desk policies already in place to prevent mixing of patient information. Credit monitoring letter sent to Veteran A 11/16/2012. No further actions planned. Closure requested.