Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Mid South Healthcare Network (VISN 9)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on March 21, 2012. Also cited in 328 other reports.
Report ID: SPE000000073171, U.S. Department of Veterans Affairs
Reported Entity: VISN 09 Louisville, KY
Issue:
A physician at the VA Medical Center who is going through an investigation has on three occasions, that we know of, emailed patient information to his outside e-mail address and on at least two of these occasions forwarded these emails from his outside email to his attorney. These e-mails included the last name and last 4 of the SSN on two different patients. One of the documents had been stripped of any identifiers. These documents were sent to his attorney without the patient consent and without the attorney's request. I have been informed that the board has reported this to VACO. Update: 03/21/12:Veteran A & B will be sent a notification letter.
Outcome:
This investigation is complete on the side of Privacy. This physician did violate VA Handbook 6500, appendix G- Rules of Behavior as well as VA Handbook 1605.1 and Facility Privacy Policy by sending these e-mails outside of the safeguards of VA. Also, violating releasing patient information to his attorney without authorization. This information has been turned over to HR for further mitigation and discipline if necessary.