Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southeast Network (VISN 7)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on June 29, 2012. Also cited in 225 other reports.
Report ID: SPE000000077382, U.S. Department of Veterans Affairs
Reported Entity: VISN 07 Columbia, SC
Issue:
A Release of Information Office (ROI) employee received a request for records from USAA Life Insurance Company. According to the ROI employee, the correspondence listed the Veteran As name, with no social security number. The employee searched CPRS, and located Veteran B with that name. The ROI employee released sixty-seven documents consisting of radiology reports, consultations, lab reports, and progress notes to USAA Life Insurance Company. In researching the request, in order to identify the Veterans social security number and scan the request form into CPRS, a file room employee discovered that Veteran Bs documents were inadvertently mailed to the USAA Life Insurance Company. The name listed on the request document had a different middle initial and date of birth from the name on the released records. Information disclosed: Veteran Bs full name, full social security number, address, provider names, protected health information (PHI), reports, and list of medications Update: 07/02/12:Veteran B will receive a letter offering credit protection services.
Outcome:
Staff have been being re-educated on the need to safeguard patient information.