Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Heartland Network (VISN 15)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on August 13, 2012. Also cited in 149 other reports.
Report ID: SPE000000079103, U.S. Department of Veterans Affairs
Reported Entity: VISN 15 Wichita, KS
Issue:
A VA employee at the Parsons CBOC accessed a medical record of a Veteran with the same last name. The Information Security Officer (ISO) inquired with the VA employee (to include supervisor) if they were related. Access to the medical record was identified utilizing the Daily Sensitive Record Access log. On Friday Aug 10 at 2:48pm, the VA employee replied via e-mail stated she was not related to the patient. On Monday Aug 13, the supervisor informed the ISO the patient was the VA employee's husband. At 8:45am, the VA employee sent an e-mail to the ISO stating the patient was her husband. The ISO has setup a phone meeting with the VA employee and supervisor at 3:00pm Update: 08/13/12:The Veteran will be sent a HIPAA notification letter.
Outcome:
Responsible employee counseled by ISO and supervisor. Written letter of counseling given to employee. Notification letter sent to affected Veteran.