With chronic pain in his neck and back and a brain injury from his days in the service, it wasn't a surprise that Air Force veteran Ben Krause had a huge file at the Minneapolis Veterans Affairs offices: more than a thousand pages of confidential and sensitive information dealing with medical issues, vocational rehab and disability compensation.
What was a surprise is what happened when Krause requested copies of his file last year. The VA sent them to someone else.
The VA had used an outdated address. Krause never found out who received his file, which contained medical information, his Social Security number and information about his daughter. After the VA was told about the problem, it offered Krause a year's worth of credit protection.
With that, Krause became a member of what appears to be a widening club: the number of veterans whose privacy has been breached by employees and contractors at VA hospitals, community clinics and benefit centers.
"They delivered them to somebody who was not me, who signed for it, then I never got them, and VA's response was, 'whoops,' " Krause said.
Since 2011, there have been 240 cases of reported privacy violations at VA facilities in St. Paul, Minneapolis, St. Cloud and various clinics around the state. From 2011 to 2015, the number of violations has more than doubled.

The violations include one veteran receiving a photo in the mail of another veteran's colonoscopy, one provider discussing a patient's diagnosis with the patient's real estate agent, VA workers snooping into the records of patients whose names have appeared in the news, and some widows receiving discharge papers and awards belonging to unrelated vets.
Thousands of violations
The disclosures are contained in a database built by the investigative journalism organization ProPublica and shared with the Star Tribune. Working with data obtained through the Freedom of Information Act, ProPublica's national investigation found that employees and contractors at VA medical centers, clinics, pharmacies and benefit centers commit thousands of privacy violations each year and have racked up more than 10,000 since 2011.