One of the breaches added to HHS’s public breach tool this week was an incident involving the City of Cincinnati, who reported that 5,696 individuals were notified of a breach on April 4 involving their business associate, OptumRx.
PHIprivacy.net contacted the City of Cincinnati, who sent this statement about the incident:
“In April we notified some members enrolled in the City of Cincinnati health plan that letters regarding their current or past prescriptions were inadvertently mailed to incorrect individuals. The letters did not include Social Security numbers or financial account information. We deeply regret that this incident may have caused concern for anyone. We are working to put additional protections in place to prevent such incidents from occurring in the future, including reinforcing existing policies and practices and evaluating additional safeguards. Specially trained customer care representatives are available to address any questions or concerns of affected members and can be reached toll-free, 24 hours a day, seven days a week at 1(855)-385-9357.”