Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Tennessee Valley Healthcare System
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on May 8, 2013. Also cited in 104 other reports.
Report ID: PSETS0000089017, U.S. Department of Veterans Affairs
Reported Entity: NASHVILLE TN - 626
Issue:
On 5/7/13, an employee/Veteran requested and received a Sensitive Patient Access Report to see who had accessed his CPRS/VISTA Records. On 5/8/13, this same employee/Veteran provided to the Privacy Officer, a VA employee name, who was listed on that report and that he suspects should not have had access to his CPRS Record.
Outcome:
05/14/13: The Privacy Officer determined access was inappropriate. The employee who accessed the record stated they must have left their PC unlocked and someone else used the PC to access their own record. This is not considered a valid excuse, as employee did not follow Rules of Behavior. One employee will be offored credit protection services as a precaution. 05/29/13: This was determined to be HITECH reportable by VHA Privacy Office.