Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southeast Network (VISN 7)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on July 29, 2011. Also cited in 225 other reports.
Report ID: SPE000000065256, U.S. Department of Veterans Affairs
Reported Entity: VISN 07 Montgomery, AL
Issue:
On December 15, 2010, Ms. As personal confidential medical records were forwarded to the Central Alabama Veterans Health Care System (CAVHCS) Human Resources (HR) Department in Tuskegee, without her consent, and used as evidence to support and justify a Request for Personnel Action. The HR department forwarded her medical records to a Social worker also located in Tuskegee, Alabama. On two occasions, the social worker forwarded the information related to Ms. A's medical records to her home address whereby her husband, who was not aware of her therapy and treatment, received them. The medical records were loaded electronically and distributed throughout CAVHCS via computer (Outlook e-mail). To date, Ms .A has not received her original hardcopies back from HR. Update: 12/01/11:Veteran A will be sent a notification letter
Outcome:
Interim PO recommeded to Acting Associate Director that an Administrative Board of Investigations is convened, as the Interim Privacy Officer has no prior privacy background, privacy training, or experience conducting investigations. AIB could conduct a thorough investigation and report findings for HR support in recommending actions, if warranted.