25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Borgess Rheumatology Informs 700 Patients of Mailing Error

Posted By on Feb 8, 2016

Borgess Rheumatology has announced that 700 of its patients have been impacted by a mailing error that occurred on December 9, 2015., that exposed their PHI.

While no Social Security numbers or other highly sensitive data have been disclosed, affected patients have had their name and the fact that they receive medical services at Borgess Rheumatology disclosed to another patient. In each case, a single patient will have been made aware of the name of another patient who receives treatment at Borgess Rheumatology and that prescription medications were used by that individual.

No health information or sensitive data such as Social Security numbers or Insurance details were detailed in the letters. While affected patients have had their privacy violated, due to the very limited data that was inadvertently disclosed, patients are unlikely to face any risk of identity theft as a result of the mailing mistake.

In a statement issued to West Michigan News Channel 3, Borgess Rheumatology said the error occurred on December 9, 2015, and that the mistake was discovered the following day. Attempts have been made to contact all 700 affected patients and to recall the misdirected letters.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Borgess Rheumatology is also taking action to ensure that similar incidents do not occur in the future. According to the media notice issued on February 5, the healthcare provider is taking “aggressive steps” to prevent future privacy breaches of this nature. Those steps include conducting further staff training to ensure staff members are fully aware of the safeguards that must be implemented to prevent HIPAA breaches.

Susan McDonald, Borgess Rheumatology’s Corporate Responsibility Officer & HIPAA Privacy Officer, said training had previously been provided to all staff members, and she confirmed that all employees are required to undergo annual training on HIPAA, corporate responsibility, and patient privacy. The mailing error has prompted Borgess Rheumatology to bring forward training and the company will be “re-educating and training staff on necessary safeguards.”

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist