Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Mid South Healthcare Network (VISN 9)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on October 3, 2011. Also cited in 328 other reports.
Report ID: SPE000000067390, U.S. Department of Veterans Affairs
Reported Entity: VISN 09 Nashville, TN
Issue:
On 10/01/11, Veteran A contacted the Privacy Officer (PO) at the Nashville campus to report the following:For two years, Veteran A stated he has received correspondence, appointment reminders (via phone), and medications belonging to Veteran B. Veteran B stated he reported the concern but the issue is ongoing. Veteran A stated he returned the medications and correspondence to VA.Upon inquiry, the Privacy Officer (PO) noted Veteran A and B have the same last name, last four social security number, address and phone number in CPRS. PO contacted the Supervisor, Business Office (BO), Nashville campus. Supervisor obtained Veteran Bs address, via the VA Regional Office, and called Veteran B to confirm his contact information. Supervisor updated Veteran B's address in CPRS. It is believed Veteran B's address was inadvertently changed to Veteran A's address by a BO clerk during an appointment. Veteran B's information included: Full name, last four SSN, medication label, and appointment information. Update: 10/03/11:Veteran B will be sent a letter of credit protection services due to full name and date of birth being disclosed.
Outcome:
10/17/11 - Incident due to human error. Appropriate training was provided to the employee with emphasis on the importance of identifying the correct patient when obtaining information.