Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southeast Network (VISN 7)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on October 19, 2012. Also cited in 225 other reports.
Report ID: PSETS0000081417, U.S. Department of Veterans Affairs
Reported Entity: VISN 07 Columbia, SC
Issue:
On 9/28/2012, a Veteran/employee made a written request for a listing of individuals who accessed his medical record. On 9/28/2012, the Information Security Officer (ISO) provided a 12 page listing to the Veteran/employee. On 10/1/2012, the Veteran/employee provided a follow-up request to further investigate Employee A and Employee B who accessed the medical record. On 10/1/2012, the ISO initiated a fact finding through Employee A's service chief. On 10/15/2012, the service chief provided a preliminary finding, identifying access to the record was made in error and that the employee has been counseled. The finding states Employee A utilized the electronic record to locate the mailing address of Veteran Employee to mail employee's pay stub. On 10/17/12, the ISO provided the findings to Veteran/employee who further voiced concern. As of today, the investigation is ongoing. Update: 10/19/12:Due to unauthorized access by another employee, Employee A will be sent a letter offering credit protection services.
Outcome:
Additional education has been provided to staff.