The Department of Veterans Affairs has posted its Monthly Report to Congress on Data Incidents for August 2010. As in the past, there are a number of mis-mailed prescriptions or incidents involving one patient being sent another patient’s medication. Most incidents during this period were of low to moderate risk to patients, and I must say I’m impressed with the detail provided in these reports.
The only single incident of note, since it might be included in breach reports compiled by ITRC, Privacy Rights Clearinghouse, and DatalossDB:
On Aug. 12, “NCA employees found boxes of documents located in a vacant cubical in the NCA Central Office. The boxes contained P-31 forms (Personnel Roster), employee travel documents with full social security number, names, addresses and financial documents listing employee’s salaries.
Incident Update 08/13/10:The documents were left by a former staff member who left in January 2010. The boxes had no markings and were covered with lids but were not secured. The total number of individuals involved is 218 and the information included name and DOB or full SSN. The 218 employees will receive a letter offering credit protection services.