25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Michigan Medicine Notifies 3,600 Patients of PHI Disclosure Due to Mailing Error

Posted By on Oct 9, 2018

Michigan Medicine is notifying more than 3,600 patients of an impermissible disclosure of a limited amount of their protected health information.

In early September 2018, the Michigan Medicine Development Office launched a fundraising campaign that involved sending letters to a large number of its patients. A third-party vendor was contracted to print the letters for the mailing and while many of the letters were printed correctly, an error was made by the printing company that resulted in an impermissible disclosure of certain patients’ personal information.

According to Michigan Medicine, the error was introduced when the printing company installed new software. As a result of the error, a proportion of the letters contained information that was intended for other Michigan Medicine patients and did not match the name and address on the outside of the envelope.

Since this was a fundraising mailing, the letters did not contain any medical information, Social Security numbers, financial data, or other highly sensitive information. Patients affected by the error has their name, address, and in some cases email address and contact telephone number, disclosed to another Michigan Medicine patient.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

The error was detected by Michigan Medicine on September 4, 2018 and prompt action was taken to alert the vendor to the error to prevent any further impermissible disclosures of patient information.

“Patient privacy is extremely important to us, and we take this matter very seriously,” said Jeanne Strickland, Michigan Medicine chief compliance officer. “Michigan Medicine took steps immediately to investigate this matter.”

As an additional measure to prevent similar breaches, Michigan Medicine’s Development Office will be using window envelopes for future mailings, eliminating the need to match envelopes with letters.

The Mailing error was a reportable breach under HIPAA and the Department of Health and Human Services’ Office for Civil Rights (OCR) was notified well inside the 60-day reporting deadline. The breach summary on the OCR website indicates 3,624 patients were affected by the incident.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist