Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Southwest Health Care Network (VISN 18)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on February 13, 2012. Also cited in 228 other reports.
Report ID: SPE000000071714, U.S. Department of Veterans Affairs
Reported Entity: VISN 18 El Paso, TX
Issue:
Veteran A called the Privacy Officer (PO) to report the receipt of an envelope with 2 pages containing Veteran B's registration information via USPS mail delivery. He stated that he would return the entire letter, envelope and 2 pages of information to the Community Based Outpatient Clinic (CBOC) Manager for return to the facility. Veteran A expressed concern about the mis-mailing to him of Veteran B's private information and wanted to make sure the problem would be addressed. The packet was received in the Privacy Office that included 2 pages of registration information/demographics on Veteran B including full name, full social security number, date of birth, home and cell phone numbers, co-pay, and name of provider, future appointments, home address, and name of spouse. Update: 02/13/12: Veteran B will be sent a letter offering credit protection services. NOTE: There were a total of 97 Mis-Mailed incidents this reporting period. Because of repetition, the other 96 are not included in this report, but are included in the "Mis-Mailed Incidents" count at the end of this report. In all incidents, Veterans will receive a notification letter and/or credit monitoring will be offered if appropriate.
Outcome:
03/27/2012 Update: Veteran A, upon receiving Veteran B's information, immediately informed our facility Privacy Officer and then returned the two pages of original information and envelope to our facility. Responsible Supervisors conducted a fact-finding of this incident and determined that information faxed to our Community Based Outpatient Clinic was mistakenly placed in an incorrectly addressed envelope and delivered to the incorrect Veteran. The information disclosed included Veteran B's full name, date of birth, full social security number, address, telephone number, and eligibility information as well as next of kin information and upcoming appointments. In addressing this issue and providing corrective action to assure that this type of error does not happen again, responsible Supervisor in Medical Records/Release of Information area as well as manager at CBOC have conducted re-education and training for the responsible employees, on the proper ways of ensuring that the correct patient information is being mailed to the correct veteran. Training also emphasized the accountability for conscientious attention in handling and mail-out of our Veteran\xe2\x80\x99s confidential information. Additionally, a letter of thanks is being provided to the Veteran who returned the original documents to our facility and brought this matter to our attention. Recommend ticket closure based upon above documented fact-finding, mitigation, and corrective action. Redacted letter over Director's signature, provided to Veteran B, whose information was inappropriately mailed/privacy breached - being uploaded to PSETS for reference and ticket closure. Submitted: JWinstead, Privacy Officer EPVAHCS