Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Healthcare System (VISN 10)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on November 25, 2011. Also cited in 119 other reports.
Report ID: SPE000000069034, U.S. Department of Veterans Affairs
Reported Entity: VISN 10 Chillicothe, OH
Issue:
The Risk Manager took a call from Veteran A who claimed that his medical records (demographic info. and problem list) were released to an unidentified Veteran B by clinic staff. The unidentified Veteran B was alleged to have received his own records and found copies of Veteran A's record mixed in with his. The unidentified Veteran B returned the records to Veteran A's daughter, who eventually returned them to Veteran A who filed the complaint. The records included Veteran A's name, full SSN and medical diagnosis. Update: 12/01/11:Vetean A will receive a letter offering credit protection services.
Outcome:
Employee was reprimanded for allowing PHI of one patient to be picked up by another. Also, education was provided and the policy for providing information to Veterans in the clinics was improved. Credit Monitoring offered to affected Veteran. Copy of monitoring letter attached.