Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southwest Health Care Network (VISN 18)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on April 18, 2012. Also cited in 228 other reports.
Report ID: SPE000000074304, U.S. Department of Veterans Affairs
Reported Entity: VISN 18 El Paso, TX
Issue:
Veteran A provided copies of medical records on Veteran B which had been mixed into the printing and disclosure provided to Veteran A. Veteran A stated that he had requested and received his copies of his medical record from the front desk staff at Centralized Records Unit approximately 6 months ago; did not look at them for a while and then when reviewing at later date/time, he noticed that Veteran B's medical record information was mixed into his copies. Veteran A turned in all of the copies of pages on Veteran B and spoke with Privacy Officer regarding concerns and process for notifying Veteran B of this error/breach of privacy. Update: 04/18/12: Veteran B will be sent a letter offering credit protection services.
Outcome:
06/19/2012 Update - Verified completion of corrective action per responsible supervisor; not yet completed so reminder sent for immediate resolution and follow-up. Submitted: Privacy Officer EPVAHCS 06/28/2012: Corrective action completed and resolution forwarded to facility Privacy Officer. PSETS ticket updated for recommended closure. Fact-finding and corrective action resolved as follows: It does appear that both request were processed on the same day as patients had submitted requests to front desk in Centralized Records Unit - Release of Information Section. The request was done quite a while back so that staff member that made the mis-printing doesn't remember. As per fact finding , the printing out of the accounting of disclosures and the request was completed by the same employee. One of the veterans request was closed Veteran A, and the employee had already printed out Veteran B reports to mail to the veteran but didn't pull them off of the copier correctly. So Veteran A received a copy of veteran B medical records that needed to be mailed. Corrective Action: Responsible Supervisor spoke with the employee who made the mistake and re-trained/ emphasized that in all cases required to make sure he is checking through the documentation to ensure that the veteran requesting the medical records is the only print job being handled; do not mix them. Also, reiterated the importance of protecting the privacy of all veterans medical records. Employee reminded to make sure that he is only taking care of one veteran issue at a time to ensure that this does not occur in the future. Veteran's request was closed out as Veteran had come back in to pick up the records that were not mailed to him. NSOC letter of notification and credit monitoring prepared for mail-out to affected Veteran over signature of Interim Director. Letter for uploading; recommend ticket closure per corrective actions documented above. Submitted: Privacy Officer