Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southeast Network (VISN 7)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on July 7, 2011. Also cited in 225 other reports.
Report ID: SPE000000064501, U.S. Department of Veterans Affairs
Reported Entity: VISN 07 Columbia, SC
Issue:
On 06/27/11, Veteran A received an envelope by mail from the Dorn VA Medical Center. The Veterans wife opened the envelope. In the envelope was a new VA ID Card, with a picture another person, not Veteran A. The Veterans wife visited the Chief of the Patient Benefits Section, to return the VA ID Card and express her concerns on identity theft. Veteran A contacted the Privacy Officer (PO) by phone to report the incident and discuss concerns of identity theft. The Chief of Patient Benefits looked into CPRS and viewed two pictures in VISTA Imaging. One of which matched the picture on the VA ID Card of Veteran B and the other, presumably of Veteran A. The Information Security Officer (ISO) is being notified of the incident, and the Veteran A's record will be flagged with an alert just in case anyone attempts to check in with this name and social security number. The PO will continue to investigate this incident. The new VA ID Card included Veteran A's full name and social security number. The Veteran received the envelope by mail on 06/22/2011. Veteran A's wife reported that their home had been broken into after this incident.NOTE: Entry into PVTS has been delayed due to the fact the Privacy Officer could not access PVTS. She reported this to VISN7 Privacy Officer and has requested assistance from IT staff. Update: 07/11/11:Veteran A's photo and information was on both ID cards. Veteran A will be sent a letter offering credit protection services due to his name, SSN and photo being disclosed.
Outcome:
Staff is being re-educated on the need to safeguard patient information.