Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
South Central VA Health Care Network (VISN 16)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on January 7, 2011. Also cited in 317 other reports.
Report ID: SPE000000056853, U.S. Department of Veterans Affairs
Reported Entity: VISN 16 Muskogee, OK
Issue:
A canteen employee found a copy of the Inpatient Roster in the canteen cafe and gave it to the Service Chief. The roster includes the patients' full name, SSN, DOB and PHI. Update: 01/11/11:There were seventy nine names on the list. That includes two with the last initial, last four digits of the SSN and the diagnosis and four others with the last name & last four digits of the SSN. The roster was there less than 4 hours. Canteen employees, Veterans, and VA employees may have seen the list. Seventy three patients will receive a letter offering credit protection services and six patients will receive a letter of notification.
Outcome:
The Service Chief identified the employee responsible for leaving the list unattended and provided verbal counseling. The credit protection and notification letters were sent.