US United States Department of Veterans Affairs Mar 2011 Misuse (Q12781)
From Open Risk Manual
A data breach risk event
| Language | Label | Description | Also known as |
|---|---|---|---|
| English | US United States Department of Veterans Affairs Mar 2011 Misuse |
A data breach risk event |
Statements
BDEC17DA-DAB3-4CDC-9ADD-80CBE8C1D0FF
March 2011
0 references
An OIG Investigation found the inappropriate disclosures of patient information to third parties (friends of an employee) and the emailing of sensitive information, including personally identifiable information (PII) and protected health information (PHI), to the employees personal email account. There were at least 55 patients affected. The employee was a home based provider. Further details are pending. 11/30/12: Eighty-one names were emailed to a private email account in an attachment. Each contained the first name, last name, address, telephone number, and assessment date. Of the 81 discovered, 70 contained the last four digits of the SSN, 9 contained last three digits of the SSN, 1 contained last two digits of the SSN, and 1 contained last one digit of the SSN. There was one email th (English)
