Joel Eisenbaum reports:
Houston Methodist Hospital will take unspecified “corrective action” following a Local 2 investigation. Our report uncovered a billing error that put the private medical information of four people into the hands of a stranger.
The compromised private information of those patients included: names, addresses, hospital account numbers, dates of procedures, types of procedures, costs of procedures, medications and insurance providers.
Read more on Click2Houston.
Including other patients’ information in response to a request for records is all-too-common, as we’ve seen over the years. And once again, human error resulted in additional pages being included in an envelope.
I think most people would agree that these types of errors have a lower probability of leading to ID theft, but what about the sensitivity of information? What if this was an HIV clinic or a mental health facility?
Entities train their employees on HIPAA and the need to protect privacy, but on a day-to-day basis, people rush as they try to get all their work done, and this type of thing keeps happening. What’s the solution? Having one person prepare the mail and a second person verify it? Maybe….