A wrong configuration of the billing program of Texas Health Resources caused the impermissible disclosure of the health information of 82,577 of its patients.
Texas Health Resources is one of the United States’ major faith-based health systems and the biggest in North Texas, having amenities in 16 counties providing services to around 7 million people.
Texas Health Resources knew about the billing system mistake, which caused the erroneous matching of patient data with guarantors on August 23, 2019. The mistake, consequently, brought about a mailing error to the guarantors or patients. The mailing error transpired on July 19, 2019 and impacted mailings until September 4, 2019.
Texas Health Resources investigated the breach to know which persons were impacted and which patient data were impermissibly disclosed. According to the investigation results, the types of data contained in the letters and mailed to wrong persons were the names, account numbers, service dates, names of treating doctors, name of the health insurance company, the amount payable, and in a few cases, a concise explanation of the services gotten. There was no highly sensitive data like financial details, Health insurance numbers and Social Security numbers included. Impacted persons received notification letters by mail on October 22.
Texas Health Resources took action to avert the same error from transpiring once again and has upgraded its data security processes.
The service provider has submitted 15 different breach reports, one for each hospital impacted, to the Department of Health and Human Services’ Office for Civil Rights.
The impacted hospitals and the number of individuals impacted are detailed here:
- Texas Health Harris Methodist Hospital Fort Worth – 14,881
- Texas Health Presbyterian Hospital Denton – 6,688
- Texas Health Presbyterian Hospital Plano – 9,678
- Texas Health Presbyterian Hospital Dallas – 12,415
- Texas Health Harris Methodist Hospital Southwest Fort Worth – 7,478
- Texas Health Presbyterian Hospital Rockwall – 4,789
- Texas Health Arlington Memorial – 6,187
- Texas Health Harris Methodist Hospital Hurst-Euless-Bedford – 4,804
- Texas Health Presbyterian Hospital Allen – 2,993
- Texas Health Harris Methodist Hospital Alliance – 3,784
- Texas Health Harris Methodist Hospital Kaufman – 2,157
- Texas Health Harris Methodist Hospital Stephenville – 1,348
- Texas Health Harris Methodist Hospital Azle – 2,113
- Texas Health Harris Methodist Hospital Cleburne – 2,737
- Texas Health Harris Methodist Southlake – 525
Rosenbaum Dental Group Breach Notification Error
Rosenbaum Dental Group based in Florida found out that malware was installed on its systems resulting in giving unauthorized persons potential access to around 1,200 patients’ PHI. The group notified the affected persons regarding the breach on July 1, 2019; but the breach notifications sent to the affected patients were postcards and not letters. And so, the recipients could be identified as Rosenbaum Dental Group patients.
In the latest press release of Rosenbaum Dental Group, the provider apologized for the error and possible HIPAA breach. The dental group has sent notification letters to inform the affected patients regarding the error and offered free credit monitoring services for one year as a safety measure.