Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Healthcare - VISN 4 (VISN 4)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on October 20, 2011. Also cited in 239 other reports.
Report ID: SPE000000067865, U.S. Department of Veterans Affairs
Reported Entity: VISN 04 Pittsburgh, PA
Issue:
The Ears, Nose and Throat (ENT) Clinic Manager reported to the VA Police and the Privacy Officer (PO) that an unlocked/unsecured file cabinet in an unsecured area had been tampered with. The file cabinet stored documents containing protected health information (PHI) had been placed in the trash. When a clinic administrative clerk reported to work the morning of 10/20/11, she discovered that the medical pre-op packages in the file cabinet were not in the same order as they were the previous afternoon when the clerk left for the day. There were also documents from the file cabinet that were found in the trash can. The clerk reports that the file cabinet was locked and that the cubicle where the file cabinet is located does not lock. The clerk is comparing the schedule of todays patients with the documents that have been tampered with to try and determine if any of the pre-op medical packets are missing. Update: 10/20/11:It is not known if malicious intent was involved, however it is known that someone did go through the records and left them in an unorganized fashion and two of the packets of information were thrown in the trash. The clinic manager questioned staff to see who was in the area after hours and why, however all staff members denied being in the area. All documents in the room have been reviewed and there were a total of 354 Veterans who had their information compromised. Letters offering credit protection services will be sent to 354 Veterans.10/31/11:The total number of individual affected was 308 and not 354. The reason the documents were unsecured is that the clerk indicated that they only had 1 key to the file cabinet and wanted to make sure access to cabinet was available to staff in the event that someone needed into the cabinet and the clerk was not available. The underlying reason or excuse for lack of proper safeguarding is based on the fact that the facility is having some remodeling completed and many clinics are working in temporary work areas.
Outcome:
The credit protection letters were provided to the affected individuals. The area where the incident occurred has been properly secured and improved safeguard measures are in the process of being implemented. The file cabinet was rekeyed by the locksmith and more than 1 key is now available. The door to the check in area has been scheduled to have a lock installed. Temporary use of the locked nursing office across the hall is also being used to store all documents overnight until proper safeguard measures have been implemented and determined secure by the privacy office.