Boise, Idaho-based Saint Alphonsus Health System recently began notifying patients of an email hacking incident that exposed their personal information, but some letters mailed out to those affected by the breach mistakenly said they were dead, according to a March 9 KIVITV report.
Saint Alphonsus, which is part of Livonia, Mich.-based Trinity Health, discovered unusual activity related to an employee email account in January. The incident led to a patient data breach, which Saint Alphonsus communicated to affected individuals via mailed notification letters.
"Unfortunately, when the letters were generated, a mail merge issue created an incorrect status for some patients, addressing them as deceased or a minor," the health system said in a statement, according to the report.
Saint Alphonsus said the mail merge issue did not occur at its health system, and all the affected patients' statuses are properly identified in its EHR system.
"We deeply apologize for the confusion and frustration which this incident has caused. We greatly value the trust of our patients and community members as an important commitment we make to the communities we serve," the health system said. "We take the privacy and security of our patient information very seriously."