- Following a House Veterans Affairs (VA) Oversight and Investigations Subcommittee meeting a few weeks ago that called out the Veterans Health Administration for weak security controls, a VA hospital in Fayetteville, N.C. was found to have exposed patient records.
According to enquirerherald.com, close to 1,100 VA patients’ records were found in a consulting optical shop’s recycle bin. From Jan. 11 and April 16, patients’ names, Social Security numbers, dates of birth, addresses and prescriptions were left exposed in this bin and the records were found on April 17.
The VA has contacted all patients who used the optical shop during that time and offered them free credit monitoring services. It has also announced plans on re-training the employee whose duty it was to shred the documents with protected health information (PHI).
It has been a rough few weeks for the VA on a national level and now a local branch seems to be having problems with physical security controls. Given the number of patients involved and the fact that Social Security numbers were included within the records, it will be interesting to see if the North Carolina VA needs to do more than just re-train an employee on which records to destroy. If nothing else, the organization as a whole needs to end speculation that it’s having major security issues and dealing with this breach swiftly could help those efforts.