Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Tennessee Valley Healthcare System
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on September 6, 2013. Also cited in 104 other reports.
Report ID: PSETS0000094342, U.S. Department of Veterans Affairs
Reported Entity: NASHVILLE TN - 626
Issue:
In December 2012, a Veteran requested and was provided a copy of a Sensitive Patient Access Report identifying VA employees that had accessed his VISTA/CPRS Record. The Privacy Officer then received 9 pages of that report from the Veteran requesting all entries be investigated to determine if access was appropriate. The Veteran identified over 50 VA employees who he wishes to be investigated to determine access. The Veteran also is reporting that a VA Contract employee at one of the Contract Clinics, inappropriately provided a diagnosis to the local police during an assault investigation filed by the Veteran.
Outcome:
9/16/13 The Privacy Officer is still investigating this complaint. There are about 50 employee accesses the Veteran requested be checked. PO is still in the process of checking those accesses. 9/20/13 The PO is still reviewing SPAR to determine if legitimate accesses. Due to accesses by 84 different employees, PO is still working through the report. 9/24/13 PO is still investigating CPRS Accesses of 80+ employees. 9/30/13: Upon completion of the CPRS access review, the Privacy Officer could not identify any inappropriate accesses. However, it was found that a VA Contractor at the VA Cookeville Clinic, when being interviewed concerning an alleged assault charge filed by this Veteran, informed the Cookeville Police of the diagnosis of this Veteran. 10/01/13: Veteran A will be sent a notification letter.