DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Privacy breaches in VA health records wound veterans

Posted on October 13, 2013 by Dissent

Carl Prine of the Pittsburgh Tribune-Review reports on an investigation they  conducted on privacy breaches involving veterans’ health records.  Some of their findings:

…  VA workers or contractors committed 14,215 privacy violations at 167 facilities from 2010 through May 31, victimizing at least 101,018 veterans and 551 VA employees. Photos of the anatomy of some were posted on social media; stolen IDs of others were used to make fraudulent credit cards.

[…]

Eleven times since 2010, criminal investigators found VA employees in Massachusetts, Ohio, Virginia, Florida and Washington stealing veterans’ identities or prescriptions. The outcome of those cases is unknown because VA privacy officers decided the outcomes should be private.

In 2012, a medical clerk in Miami was sentenced to two years in prison for selling undercover agents data belonging to 22 veterans. The employee confessed to stealing the identities of 3,000 vets over five years before a credit card fraud scheme fell apart.

[…]

One in 365 privacy violations was turned over to the agency’s Office of Inspector General, VA police or outside law enforcement. VA privacy officers recommended that 31 people lose their jobs for unlawful disclosures — nearly half of them contractors, volunteers, medical students or part-time staffers. Officials cannot estimate how many employees were terminated for privacy violations but conceded that it’s rare.

In 82 cases, providers illegally released medical information or failed to secure patient consent during studies, violating the privacy of 2,856 vets.

Failure to encrypt data. The VA mandated data scrambling on computers as a result of the 2006 theft in Maryland of a laptop containing 26.5 million veterans’ records. Since 2010, however, at least 16,183 vets were put at risk because VA employees failed to encrypt electronic gadgets that got lost or stolen.

Read more on TribLive.

No doubt the VA will argue that these stats are a tiny drop in the bucket given the number of transactions that occur on a yearly basis, but they are still troubling, as many of the potential harms are preventable.

 

Related posts:

  • Veterans Administration responds to Freedom of Information request; releases breach reports
  • Small-Scale Violations of Medical Privacy Often Cause the Most Harm
Category: Health Data

Post navigation

← Software Company Tom Sawyer Hacked, 61,000 Vendors Accounts Leaked
Burglary at Legal Aid Society of San Mateo County compromises clients' personal and medical information →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions
  • NY Attorney General James Affirms Hospitals Must Provide Access to Emergency Abortion Care
  • How Internet of Things devices affect your privacy – even when they’re not yours

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.