Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Heartland Network (VISN 15)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on November 27, 2012. Also cited in 149 other reports.
Report ID: PSETS0000082875, U.S. Department of Veterans Affairs
Reported Entity: VISN 15 Topeka, KS
Issue:
It was reported a Social worker sent an Advanced Directive Form to a nurse in need of one. The form was partially completed, but thought to be the blank VA 10-0137 Form; therefore was sent via unencrypted email. Upon receiving & printing the Form, it was subsequently provided to Veteran A currently in Palliative Care. Veteran A notified their provider on 11-19-12 of the situation (i.e., form partially completed with Veteran B's information); & because Veterans in palliative care & had a scheduled appointment. on the 21st, the doctor requested the Veteran bring the form with him on the day of his appointment (and not earlier.) Additionally, all individuals receiving the email were authorized to view the information. Update: 11/27/12:Veteran B will be sent a letter offering credit protection services due to full name and full SSN being disclosed.
Outcome:
Privacy training was provided for those involved as well as instructed forms can be located on the Publications website: & specifically where VHA 10-0137 form could be found. Supervisors were notified of event & to work /c HR for any appropriate personnel actions.