Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Sioux Falls Regional Benefit Office
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on October 17, 2013. Also cited in 28 other reports.
Report ID: PSETS0000095907, U.S. Department of Veterans Affairs
Reported Entity: SIOUX FALLS SD - 438
Issue:
An unknown VA employee took the "Schedule of Operations" list containing full name, full SSN, diagnosis, and type of surgery performed from secretary's desk. A total of 63 patients were on the list and it can be reproduced. The unknown employee announced to secretary he/she was taking it. The secretary was on the phone and did not see who the person was, only heard him/her. The list was not returned. The event happened within the work area where there are no Veterans, only employees. A thorough search was conducted within 1 hour 15 minutes after it was taken. All staff in the department have been searching for it.
Outcome:
10/22/13: The list has still not been found. It is known that the person is an employeebecause the person approached the employee from behind. This area never has any non-employees in it. Non-employees do not regularly visit this area as it is a surgical area only, with no waiting area. In the event a non-employee would, he/she must enter the room where the secretary sits, and then need to come past the secretary into their work area. The person announced from behind they were taking the list while the secretary was focused on her phone conversation. The list is a report of past surgeries, in this case from Oct. 1st-Oct. 11th. Doctors use the list to assist with their dictations, and other surgery staff may look at the list to see what day a patient was in. The list is generated from the surgery package which prints the full SSN. The department is small and the secretary has thoroughly asked all employees of the area if they have the list, and she has gone through all the files in the office. She began her physical search within 1 hr 15 minutes when it was taken that day. Since then, the list is now kept in a filing cabinet. The Privacy Officer has provided education to service line chiefs and supervisors by asking staff to evaluate the necessity of printing patient health information (PHI) and to safe guard the information. 10/22/13: The list is still unaccounted for. The DBCT has reviewed the incident and determined that credit protection services will be offored to all 63 patients.