| News

Larger text Larger text Smaller text Smaller text | Order Photo Reprints

Pittsburgh VA ranks in top 10 for privacy complaints

Email Newsletters

Click here to sign up for one of our email newsletters.

“There's a problem with the culture at VA. It's degraded over the years, management is too lax, and real power isn't even held by the central office in Washington but by unaccountable hospital fiefdoms like you see in Pittsburgh. And no one can stop them.”

Darin Selnick

a former high-ranking VA official

Related Stories

'American Coyotes' Series

Traveling by Jeep, boat and foot, Tribune-Review investigative reporter Carl Prine and photojournalist Justin Merriman covered nearly 2,000 miles over two months along the border with Mexico to report on coyotes — the human traffickers who bring illegal immigrants into the United States. Most are Americans working for money and/or drugs. This series reports how their operations have a major impact on life for residents and the environment along the border — and beyond.

Saturday, Oct. 12, 2013, 9:00 p.m.

On Jan. 4, 2010, a woman showed up to work at the VA Pittsburgh Healthcare System.

She had not submitted a resumé to the Department of Veterans Affairs or received a notice of hiring from the human resources department. She didn't have an official ID tag or a password to enter the nationwide computer system.

“Hired” by a friend employed at the VA Pittsburgh, she spent six weeks registering patients, issuing wristbands, scheduling appointments — and handling the sensitive medical and financial records of up to 6,207 military veterans. Her friend and other employees for whom she filled in gave her their passwords.

The scheme fell apart about a month later when the unnamed woman asked HR “why she had not received a paycheck,” according to a VA security report the Tribune-Review obtained.

The incident triggered the VA's second-largest breach of protected data nationwide in three years, potentially compromising data for about one in 10 patients.

According to the VA memo, the woman had worked as “a healthcare professional at a local hospital.”

The VA offered free credit monitoring to veterans whose records she read. Employees embroiled in her hiring faced “appropriate disciplinary action,” but there was no indication anyone would be fired.

Though the VA by law must disclose privacy breaches affecting more than 500 patients to the Department of Health and Human Services, officials there told the Trib that the VA failed to alert them.

A spokesman for Terry Gerigk Wolf, who has led the VA Pittsburgh Healthcare System since 2007, and her boss, Michael Moreland, director of Veterans Integrated Service Network 4, referred the Trib's written questions about their handling of this and other privacy complaints to the VA's national headquarters in Washington.

A VA spokeswoman there said Pittsburgh administrators decided not to tell Health and Human Services because they determined there was low risk of misuse of the data.

The fake employee was one of 267 Pittsburgh VA privacy failures from Jan. 1, 2010, to May 31, 2013. Medical or financial records for at least 7,069 vets and seven workers were lost, stolen or disclosed to outsiders, according to reports to the national office.

The Pittsburgh VA was in the top 10 nationwide for the number of complaints and second for the total number of potential victims since 2010.

Privacy problems appear to continue. An April 18 report claims an unidentified whistle-blower compiled seven binders of data on 14 patients — four of them deceased — to try to “prove lab equipment is faulty.”

That violates federal health privacy rules, but the Trib wanted to know if patients should worry about unsafe medical lab equipment. VA officials declined to comment.

New safety fears follow ongoing congressional probes dogging the Pittsburgh VA over one of the largest backlogs of benefits claims nationwide and an outbreak of Legionnaire's disease between 2011 and 2012 linked to at least five deaths.

“The problems you see are caused by a VA that threatens no consequences for wrongdoers, provides no oversight and fails to properly monitor employees for privacy violations,” said Darin Selnick, a former high-ranking VA official who advises Concerned Veterans for America, a Washington-based advocacy group.

“There's a problem with the culture at VA. It's degraded over the years, management is too lax, and real power isn't even held by the central office in Washington but by unaccountable hospital fiefdoms like you see in Pittsburgh. And no one can stop them,” said Selnick, a retired Air Force officer.

“Want to solve the problem? Start visibly firing them for these sorts of privacy violations. That sends a signal to the entire VA workforce about standards.”

Carl Prine is a Trib Total Media staff writer. Reach him at 412-320-7826 or

Subscribe today! Click here for our subscription offers.



Show commenting policy

Most-Read Allegheny

  1. Rising East Liberty out of reach for Pittsburgh’s poor
  2. Water main break floods Baldwin basements
  3. Bill seeks to give Pittsburgh police license plate info
  4. Beating victim from McKees Rocks recalled as skilled family man
  5. Western Pa.’s ties to 2016 White House race extend beyond Santorum
  6. Tablets for Allegheny County Jail inmates deemed a success
  7. Filing in Scaife case challenges subpoena request by his children
  8. $1B rapid bridge replacement across Pa. aims for savings, safety
  9. Child falls through window in Marshall-Shadeland, taken to Children’s
  10. Amtrak still working to add bicycle racks to Western Pa. train routes
  11. Water line bursts at Allegheny General Hospital