Ky. VA breach affects 1,900
The Department of Veterans Affairs (VA) officials recently learned that a staff member at the Lexington VA Medical Center, without authorization, took home patient files, slides, images and data on their laptop computer.
The information contained personal information from approximately 1,900 veterans, including names, last four digits of Social Security numbers, dates of birth and medical diagnoses, according to a statement from the Lexington, Ky.-based facility.
The medical center conducted an investigation to determine how and why the information was removed from the facility without authorization. The investigation determined the staff member did not follow established privacy and information security requirements.
“We do not believe the information was used maliciously by this employee or anyone else. We take our obligation to protect patient information seriously,” said DeWayne Hamlin, director of the Lexington VA Medical Center.
According to a statement, the VA provides annual privacy training to its employees and is constantly working to improve how it protects patient information.
Veterans whose personal information was involved in this incident have been notified. In addition, credit protection services for one year were offered to the affected veterans.
The information contained personal information from approximately 1,900 veterans, including names, last four digits of Social Security numbers, dates of birth and medical diagnoses, according to a statement from the Lexington, Ky.-based facility.
The medical center conducted an investigation to determine how and why the information was removed from the facility without authorization. The investigation determined the staff member did not follow established privacy and information security requirements.
“We do not believe the information was used maliciously by this employee or anyone else. We take our obligation to protect patient information seriously,” said DeWayne Hamlin, director of the Lexington VA Medical Center.
According to a statement, the VA provides annual privacy training to its employees and is constantly working to improve how it protects patient information.
Veterans whose personal information was involved in this incident have been notified. In addition, credit protection services for one year were offered to the affected veterans.