Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Mid South Healthcare Network (VISN 9)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on August 3, 2012. Also cited in 328 other reports.
Report ID: SPE000000078751, U.S. Department of Veterans Affairs
Reported Entity: VISN 09 Nashville, TN
Issue:
A Business Office employee found an inter-office HIPAA envelope on her desk addressed to her. Once she picked it up, she noticed that the envelope had already been opened. It is alleged the Business Office employee who receives mail for the Fee Section, opened the envelope. Update: 08/06/12:The Privacy Officer (PO) further looked into this complaint and determined the mail clerk opened up the HIPAA envelope, but stated he opens numerous amounts of mail each day, but once he found he opened up an envelope with personal information, he immediately stopped and placed the envelope on the employee's chair. The employee who the information pertains to, acknowledged the envelope had been opened, but does not appear to be tampered with. The employee will receive a letter offering credit protection services.
Outcome:
CM Letter has been completed. Incident has already been referred to the Business Office for appropriate action to be taken against the employee involved. In addition, education will also be provided to the other clerks who handle mail in this Section so they are aware to carefully review all HIPAA Privacy envelopes to determine if they are addressed to an specific individual, rather than just the Department.