Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Great Lakes Health Care System (VISN 12)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on September 9, 2011. Also cited in 130 other reports.
Report ID: SPE000000066625, U.S. Department of Veterans Affairs
Reported Entity: VISN 12 Milwaukee, WI
Issue:
A VA Fellow/Attending Employee sent VA patient's full name and SSN along with medical conditions through the Medical College of Wisconsin (MCW) e-mail system and copied the e-mail to over 50 MCW individuals. We are working with the IT staff at MCW to remove this sensitive information from their servers. Update: 09/12/11:Patient A will be sent a letter offering credit protection services.12/06/11:After further review there was no full SSN involved, but there were seven patient's full names and medical conditions. All seven will be sent letters of notification.
Outcome:
VA employee has re-taken the Information Security training course and presented the certificates directly to the ISO. Business Partner MCW's IT department has cleaned their servers. Employee supervisor took disciplinary action on employee and ISO talked with employee on the importance of handling sensitive information.