Loyola University Medical Center and University of New Mexico Hospital have discovered separate mailing-related privacy breaches and have started notifying patients of the exposure of a limited amount of their protected health information.
Loyola University Medical Center Privacy Breach
On April 5, 2016., Loyola University Medical Center discovered billing statements had been sent to incorrect addresses in February 2016. The University had undertaken a project to acquire accurate addresses; however, some billing statements ended up being released to addresses that had not been verified.
A limited amount of protected health information was inadvertently disclosed to unauthorized individuals including patients’ names, along with their account number, dates of service, procedure codes, general descriptions of the medical services provided, and the balances due to be paid. No Social Security numbers, credit card details, or insurance information were disclosed.
In an effort to minimize the probability of similar privacy breaches occurring, Loyola University Medical Center will also be increasing the number of data elements in its address search query and will also be contacting individuals prior to mailing billing statements to ensure the documents are sent to the correct addresses.
University of New Mexico Hospital Privacy Breach
University of New Mexico Hospital has started notifying 2,827 patients of a breach of personal and medical information that first occurred in late December, 2015.
Patients’ names, service dates, providers’ names, and brief descriptions of the medical services provided were detailed on invoice documents which were mailed out to 18 different addresses over a period of 15 weeks.
In total, 33 invoice documents were mailed between December 22, 2015 and April 2, 2016. Each document contained a different number of names. The mailing error was investigated and determined to have been caused by a technical error, which has now been corrected.
University of New Mexico Hospital has advised patients that its system will be monitored to prevent erroneous mailings of invoices and billing statements in the future.
The post Two Healthcare Providers Announce Billing-Related PHI Breaches appeared first on HIPAA Journal.