Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Tennessee Valley Healthcare System
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on November 24, 2014. Also cited in 104 other reports.
Report ID: PSETS0000112034, U.S. Department of Veterans Affairs
Reported Entity: NASHVILLE TN - 626
Issue:
A Veteran contacted the Privacy Officer (PO), Nashville Campus, regarding the following concern: The Chattanooga Outpatient Clinic (COPC) faxed this Veterans lab results dated 10/07/14 to the Tennessee (TN) Bone and Joint Clinic without his authorization. The Veteran is unclear as to why the information was faxed. The Veteran was not fee-based to TN Bone and Joint Clinic nor is he treated there as a private patient. The documents were retrieved by the Veterans daughter, who is employed at TN Bone and Joint Clinic, and provided to the Veteran. Veterans personally identifiable information (PII) includes full name, full Social Security Number, date of birth and lab results.
Outcome:
12/02/14: The docuement was sent to a HIPAA covered entity, SPI was viewed and returned to the Veteran by his daughter. The Incident Resolution Service Team has determined that this is low risk for a breach according to the VA Breach Criteria document.