Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
South Central VA Health Care Network (VISN 16)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on April 12, 2012. Also cited in 317 other reports.
Report ID: SPE000000074047, U.S. Department of Veterans Affairs
Reported Entity: VISN 16 Little Rock, AR
Issue:
An employee who is also a Veteran sent an unencrypted email to her provider. She included her own last 4 of her SSN and information asking for a reference letter for surgery for weight loss. The provider then sent the email, unencrypted, to the ADPAC for the Service saying it wasn't a secure email. The employee reported to a Patient Representative that her privacy was violated and was told by the Patient Representative the Privacy Officer would check it out. Update: 04/12/12:The employee will be sent a notification letter.
Outcome:
Acknowledged that both Veteran/patient and provider did not utilize PKI so they both didn't follow policy. Both individuals have been reminded of the appropriate way to send information. Training is current letter has gone out to employee/Veteran.