Oklahoma City-based American Fidelity Assurance Company has notified 2,664 customers that some of their data has been disclosed to other customers as a result of a mailing error.
The mailing error, which has been attributed to human error, occurred on February 15, 2015. American Fidelity mailed debit card substantiation letters to some of its customers which contained a section of information intended for other customers.
The information printed on the letters included names and addresses, employer names and ID numbers, dates of service, provider names, payment amounts, and the last four digits of another customer’s debit card number. The letters also included details of customers’ recent flexible spending account debit card usage. No Social Security numbers or dates of birth were included in the mailings.
Affected customers had their data exposed to another individual, although due to the nature of the incident and limited amount of data exposed, American Fidelity does not believe customers are at risk of data being used inappropriately.
Customers have been notified of the incident out of an abundance of caution and have been offered credit monitoring and identity theft protection service for a period of one year without charge.
American Fidelity has taken steps to reduce the risk of similar incidents occurring in the future and attempts are being made to recover the debit card substantiation letters to ensure they can be disposed of securely.
The post Mailing Error Exposes PHI of American Fidelity Customers appeared first on HIPAA Journal.