Michigan Medicine may have exposed 3.7K patients' contact information during fundraising campaign

Ann Arbor-based Michigan Medicine began notifying roughly 3,700 patients on Sept. 28 about a mailing error that may have inadvertently exposed their names and contact information.

The potential breach stemmed from a fundraising campaign the Michigan Medicine development office launched in early September. It contracted with a printing company to mail letters about the campaign to a large number of patients.

The hospital discovered on Sept. 4 that a portion of the letters had been incorrectly processed by the vendor, resulting in letters being mailed to the incorrect patient.

Information in the letters primarily included names and addresses, but some letters also included phone numbers or email addresses. No medical information, Social Security numbers, credit or debit card, or bank account numbers were exposed.

The errors stemmed from a change in the vendor's computers after new software had been installed. The vendor has since addressed the issue to prevent future errors, and the development office will begin using window envelopes to avoid the need to match letters to envelopes.

More articles on cybersecurity:

8 healthcare privacy incidents in September
New York hospital fires employees for breaching patient information
Healthcare data breaches spike significantly in 7 years: 5 things to know

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Top 40 Articles from the Past 6 Months