Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southeast Network (VISN 7)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on August 17, 2011. Also cited in 225 other reports.
Report ID: SPE000000065863, U.S. Department of Veterans Affairs
Reported Entity: VISN 07 Birmingham, AL
Issue:
On 08/17/11, the Privacy Officer (PO) received an envelope from an area Community Based Outpatient Clinic (CBOC) with a note from a clerk that indicated that Patient A received Veteran B's medical records when she received her own medical records. The records request was processed through the facility's Release of Information (ROI) office. The PO contacted the CBOC clerk who stated Patient A returned the mismailed document to their clinic on 08/12/11. Patient A returned the original document which was one letter and one page of Nurse Progress Notes. The records contained veteran B's name, full SSN, and protected health information (PHI) Update: 08/17/11:Veteran B will receive a letter offering credit protection services.
Outcome:
The original documents were retrieved from the other patient and a copy has been placed in the administrative file.. The ROI clerk has retaken Privacy and Information Security training and provided documentation to the Privacy Officer and has been placed in the administrative files. A redacted copy of the credit monitoring letter is attached. A copy of the requested (from ROI) were also enclosed with this letter.