TribLIVE

| News


 
Larger text Larger text Smaller text Smaller text | Order Photo Reprints

Pittsburgh VA ranks in top 10 for privacy complaints

About Carl Prine
Picture Carl Prine 412-320-7826
Investigative Reporter
Pittsburgh Tribune-Review

Carl Prine is an investigative reporter for the Tribune-Review.
Details

“There's a problem with the culture at VA. It's degraded over the years, management is too lax, and real power isn't even held by the central office in Washington but by unaccountable hospital fiefdoms like you see in Pittsburgh. And no one can stop them.”

Darin Selnick

a former high-ranking VA official

Related Stories

By Carl Prine

Published: Saturday, Oct. 12, 2013, 9:00 p.m.

On Jan. 4, 2010, a woman showed up to work at the VA Pittsburgh Healthcare System.

She had not submitted a resumé to the Department of Veterans Affairs or received a notice of hiring from the human resources department. She didn't have an official ID tag or a password to enter the nationwide computer system.

“Hired” by a friend employed at the VA Pittsburgh, she spent six weeks registering patients, issuing wristbands, scheduling appointments — and handling the sensitive medical and financial records of up to 6,207 military veterans. Her friend and other employees for whom she filled in gave her their passwords.

The scheme fell apart about a month later when the unnamed woman asked HR “why she had not received a paycheck,” according to a VA security report the Tribune-Review obtained.

The incident triggered the VA's second-largest breach of protected data nationwide in three years, potentially compromising data for about one in 10 patients.

According to the VA memo, the woman had worked as “a healthcare professional at a local hospital.”

The VA offered free credit monitoring to veterans whose records she read. Employees embroiled in her hiring faced “appropriate disciplinary action,” but there was no indication anyone would be fired.

Though the VA by law must disclose privacy breaches affecting more than 500 patients to the Department of Health and Human Services, officials there told the Trib that the VA failed to alert them.

A spokesman for Terry Gerigk Wolf, who has led the VA Pittsburgh Healthcare System since 2007, and her boss, Michael Moreland, director of Veterans Integrated Service Network 4, referred the Trib's written questions about their handling of this and other privacy complaints to the VA's national headquarters in Washington.

A VA spokeswoman there said Pittsburgh administrators decided not to tell Health and Human Services because they determined there was low risk of misuse of the data.

The fake employee was one of 267 Pittsburgh VA privacy failures from Jan. 1, 2010, to May 31, 2013. Medical or financial records for at least 7,069 vets and seven workers were lost, stolen or disclosed to outsiders, according to reports to the national office.

The Pittsburgh VA was in the top 10 nationwide for the number of complaints and second for the total number of potential victims since 2010.

Privacy problems appear to continue. An April 18 report claims an unidentified whistle-blower compiled seven binders of data on 14 patients — four of them deceased — to try to “prove lab equipment is faulty.”

That violates federal health privacy rules, but the Trib wanted to know if patients should worry about unsafe medical lab equipment. VA officials declined to comment.

New safety fears follow ongoing congressional probes dogging the Pittsburgh VA over one of the largest backlogs of benefits claims nationwide and an outbreak of Legionnaire's disease between 2011 and 2012 linked to at least five deaths.

“The problems you see are caused by a VA that threatens no consequences for wrongdoers, provides no oversight and fails to properly monitor employees for privacy violations,” said Darin Selnick, a former high-ranking VA official who advises Concerned Veterans for America, a Washington-based advocacy group.

“There's a problem with the culture at VA. It's degraded over the years, management is too lax, and real power isn't even held by the central office in Washington but by unaccountable hospital fiefdoms like you see in Pittsburgh. And no one can stop them,” said Selnick, a retired Air Force officer.

“Want to solve the problem? Start visibly firing them for these sorts of privacy violations. That sends a signal to the entire VA workforce about standards.”

Carl Prine is a Trib Total Media staff writer. Reach him at 412-320-7826 or cprine@tribweb.com.

 

 

 
 


Show commenting policy

Most-Read Allegheny

  1. Landmark former school in Pittsburgh’s Hill District to incubate startups
  2. Wuerl tells faithful all Catholics are responsible for schools
  3. Trial begins in Steelers stabbing
  4. Proposal to drill in West Deer and Frazer draws comments from both sides
  5. 4-car crash near Fox Chapel snarls Route 28 traffic
  6. Post 9/11 veterans lend skills to community leadership course
  7. Democrats consider Pittsburgh for 2016 national convention
  8. Newsmaker: Leah Pileggi
  9. Garden project unites Homewood through self-sufficiency, veggies
  10. W.Pa. runners bask in Boston pride, help in ‘taking back the finish line’
  11. Bullied South Fayette student’s case prompts wiretap overhaul legislation
Subscribe today! Click here for our subscription offers.