Clark Memorial Hospital in Jeffersonville, Ind., within days of discovering a breach, is notifying 1,087 patients that protected health information was inadvertently shared with other patients.

The hospital learned on July 16 that Mail Louisville Inc., a contractor that processes and mails billing statements, on July 15 sent statements to the wrong name and address. “Accordingly, for each of the affected patients, the billing statement was sent to another one of those affected patients,” according to the hospital’s public notice.

Compromised information included patient name, service dates and a general category of service, a randomly assigned hospital account number, charges, amounts paid by insurance, and remaining balance. No detailed clinical information, birth dates, insurance account numbers or Social Security numbers were in the statements.

Mail Louisville quickly identified and fixed the cause of the processing error, but the hospital said in the notice that it is accessing its current relationship with the vendor. “The hospital has worked with Mail Louisville for many years without incident and trust that they have taken, and will continue to take, the necessary steps to resolve this issue.”

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access