Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Mid South Healthcare Network (VISN 9)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on March 5, 2013. Also cited in 328 other reports.
Report ID: PSETS0000086417, U.S. Department of Veterans Affairs
Reported Entity: VISN 09 Memphis, TN
Issue:
VA Patient A received a medication list written for Patient B. Patient A did not realize that he received the wrong medication list until he called the VAMC Tele-care Pharmacy line to inquire about his most recent medication prescribed by his provider. VAMC staff requested the prescription number and upon review of the patient medical record, staff noted that the medication belongs to another VA patient and that the medication has never been prescribed for this patient. Patient A confirmed that he received medication list from Memphis VAMC. Update: 03/06/13: Patient B will be sent a letter offering credit protection services. 03/22/13: update, no SSN or DOB was disclosed therefore notifcation letter will be sent instead.
Outcome:
Privacy Officer and Supervisor who manages the Program Support Assistants at the Specialty Clinic where the incident happened met with staff and educated them to be diligent and use effective identification process to identify the right patient before checking them out after their clinic appointment. Based on PO's interaction with staff it is probable the incident happened during check-out process at the Specialty Clinic but it was difficult to pin-point the specific individual who handed the wrong medication list to the patient. Privacy Officer will follow up periodically to meet with concerned staff to ensure the proper process of identification is being followed to check patients out after their clinic appointment. Upon review of the medication list provided by the patient, PO determined that the only PII that may have been inappropriately accessed is patient full name. There was neither address, SSN nor patient DOB on the medication sheet. Notification letter will be mailed to the concerned Veteran tomorrow, 3/27/2013; redacted copy has been uploaded into PSETS. Incident is considered closed as of 3/26/2013.