Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Rocky Mountain Network (VISN 19)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on June 22, 2011. Also cited in 133 other reports.
Report ID: SPE000000063994, U.S. Department of Veterans Affairs
Reported Entity: VISN 19 Fort Harrison, MT
Issue:
Date of event and date discovered: 6/22/11 Issue: VA clinical employee with authorized access, created a CPRS progress note for 2 Veterans. An additional signer was selected from the "Identify Additional Signers" dropdown box that was the wrong recipient (the same person for both veteran notes). The person chosen as the recipient is non-clinical with no authorized access to CPRS. This clinical employee clicked "OK" in the dropdown box. This generated a Vista Mailman View Alert message to the recipient as an additional signer.This person opened the Vista Mailman message, and was able to open the veteran's electronic progress note in VISTA (TIU format). Problem---- Medical record access given to unauthorized recipient Update: 06/23/11:Veteran A will be sent a notification letter.
Outcome:
We have no control over the "Additional Signer" data base that is used for CPRS. So, education was given to ALL staff to use caution and pay attention to the names that pop up on the additional signer drop down box. The incorrect additional signer information was removed from the CPRS progress note.The additional signer alert was removed from the recipients VISTA mail.