The U.S. Department of Veterans Affairs and CVS Health lead the nation in federal citations for patient privacy violations, according to a new analysis.
The review, by the nonprofit journalism organization ProPublica found the VA and CVS received the most privacy complaints that resulted in corrective action plans or “technical assistance” provided by the U.S. Department of Health and Human Services from 2011 to 2014.
But notices of privacy violations were also sent to Kaiser Permanente, Planned Parenthood, and the military’s healthcare system, according to the analysis.
Thousands of times a year, the Office for Civil Rights of HHS privately resolves complaints about possible violations of the Health Insurance Portability and Accountability Act. It advises violators to fix purported problems and prods them to make voluntary changes.
Under the Freedom of Information Act, ProPublica requested letters closing HIPAA complaint investigations. Among the organization’s findings:
- In 2014, the most recent year for which data is available, HHS received more than 17,000 complaints, as well as tens of thousands of self-reported breaches of medical information.
- Some providers inadvertently, or in some cases deliberately, shared patients’ medical information without their permission.
- The top five categories of complaints in 2014 were impermissible uses and disclosures, safeguards, administrative safeguards, access and technical safeguards.
CVS and the VA told ProPublica that they are committed to protecting patient privacy.
“We are never complacent about privacy matters and we constantly strive to address and reduce disclosure incidents by enhancing our training and safeguards,” CVS said in a statement.
The VA said: “VA takes veteran privacy and the privacy of medical or health records very seriously.”
© 2023 NewsmaxHealth. All rights reserved.