Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Northwest Network (VISN 20)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on October 6, 2011. Also cited in 208 other reports.
Report ID: SPE000000067503, U.S. Department of Veterans Affairs
Reported Entity: VISN 20 Spokane, WA
Issue:
Inappropriate inclusion of full SSN and DOB was added to a Veteran's mailing address line on a letter. Through the clear windowed envelope the following was exposed: Veteran's full name, home address, full SSN and full DoB. The letter did NOT include any specific lab or medical procedure results or appointments. Update: 10/06/11:The letter was mailed and the Veterans full SSN was displayes as the letter went through the mail system. A second copy was additionally mailed to a DAV coordinator with the same information disclosed. The Veteran will be sent a letter offering credit protection services.
Outcome:
The author along with their co-worker are conducting an immediate review their mail out process and letter templates to be sure that only minimal necessary information and identifiers are included in all future letters/correspondence. They are immediately halting the use of all "clear windowed" envelopes and will only use solid white envelopes for all future correspondence by mail.