Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Mid South Healthcare Network (VISN 9)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on March 26, 2013. Also cited in 328 other reports.
Report ID: PSETS0000087198, U.S. Department of Veterans Affairs
Reported Entity: VISN 09 Nashville, TN
Issue:
On March 25, 2013, the Administrative Officer, Audiology (Nashville Campus), was contacted by Veteran A who stated he received an appointment letter in the mail which belonged to Veteran B. The appointment letter contained Veteran B's name, last four of the SSN and appointment information.Veteran A also stated he is not enrolled at Tennessee Valley Healthcare System and is uncertain how we obtained his address. Upon investigation, it was found the incorrect address was entered into CPRS by a provider. It is unclear how the provider obtained Veteran A's address and why he entered it into Veteran B's records. The Privacy Officer will follow-up with the provider. Update: 03/26/13:Veteran B will be sent a notification letter.
Outcome:
3/27/13 - HIPAA notification letter mailed.Incident due to a human error. Employee has been re-educated on the importance of safeguarding Veteran PII.