Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Sierra Pacific Network (VISN 21)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on October 24, 2011. Also cited in 141 other reports.
Report ID: SPE000000067960, U.S. Department of Veterans Affairs
Reported Entity: VISN 21 San Francisco, CA
Issue:
The Project Manager of a Research study contacted the Privacy Officer (PO) that research study consent packets were accidentally sent to the wrong subjects (involves two Veteran subjects). Participation in the research study was coming close to the expiration date and a packet (to include the informed consent form and HIPAA authorization form) was sent out to all subjects. Two subjects erroneously received the packet intended for the other. The Project Manager will be self-reporting this to the Investigative Review Board (IRB) for research. Update: 10/25/11:Six (6) Veterans will be sent letters offering credit protection services.
Outcome:
PO, RCO and R&D Office collaborated with whether full SSN are required on the forms. It is the PO's recommendation that the forms are NOT pre-populated to reduce and/or prevent unnecessary risk to the veteran. Once SSN is obtained, it our policy to use minimum necessary information and recommended the PI and research staff use first letter of last name and the last four SSN. Letters have been signed by the Acting Medical Center Director. PO has redacted a copy and uploaded to the ticket. Requesting this ticket be closed.