Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Northwest Network (VISN 20)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on September 16, 2011. Also cited in 208 other reports.
Report ID: SPE000000066832, U.S. Department of Veterans Affairs
Reported Entity: VISN 20 Portland, OR
Issue:
The VA Health Resource Center (HRC) emailed this facility Privacy Officer to report that a Veteran had called the Health Resource Center (HRC) to report that he received paperwork through the mail for 4 other Veterans. The 4 documents were all lab results letters sent from the Portland VAMC in a single envelope. As advised by the HRC contact representative, the caller mailed the statements without their original envelope to the HRC. The HRC Privacy Officer scanned the 4 documents to PDF and included them in the email notification. The origionals recieved by the HRC have been destroyed.Of the four documents, three show only hemoglobin A1C results with an indication of "no significant abnormalities". The other document includes a more detailed blood test result with comments stating some are elevated due to recent surgury, but are expected to normalize. Two of the letters showed the date, time, and title of the Veteran's next appointment. Update: 09/16/11:Four (4) Veterans will be sent a notification letter due to PHI being exposed.
Outcome:
The office which sent the documents to the wrong Veteran is changing their internal process so the error is less likely to occur again.