Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Great Lakes Health Care System (VISN 12)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on July 21, 2011. Also cited in 130 other reports.
Report ID: SPE000000064924, U.S. Department of Veterans Affairs
Reported Entity: VISN 12 North Chicago, IL
Issue:
A Military Personnel Division employee inadvertently mailed two fitness reports to wrong individuals (each received the other's report), Upon realizing the mistake, both individuals returned the reports and the mistake was corrected. The employee has been counseled and corrective actions have been taken to prevent this situation from recurring. Credit Reporting offered and refused by one individual. Second individual pending. Employee completed HIPAA Refresher Training on 03/31/11. Update: 07/22/11:There were two FITREPS (Fitness Reports/performance evaluations) that were prepared as a result of the reservists completing their annual reserve training. The reports were standard Not Observed (NOB) reports, which document what the reservist did while on reserve duty. A VA (FHCC) civilian employee mailed the reports. The reports do contain full name and SSN of both individuals. Both reservists will be sent a letter offering credit protection services.
Outcome:
Employee counseled. Refresher privacy training was conducted. Policies and procedures were reviewed and new policies were developed and implemented to ensure this violation is not repeated.