Mailing Error Exposes PHI of American Fidelity Customers

Oklahoma City-based American Fidelity Assurance Company has notified 2,664 customers that some of their data have been disclosed to other customers as a result of a mailing error.

The mailing error, which has been attributed to human error, occurred on February 15, 2015. American Fidelity mailed debit card substantiation letters to some of its customers which contained a section of information intended for other customers.

The information printed on the letters included names and addresses, employer names and ID numbers, dates of service, provider names, payment amounts, and the last four digits of another customer’s debit card number. The letters also included details of customers’ recent flexible spending account debit card usage. No Social Security numbers or dates of birth were included in the mailings.

Affected customers had their data exposed to another individual, although due to the nature of the incident and limited amount of data exposed, American Fidelity does not believe customers are at risk of data being used inappropriately.

Customers have been notified of the incident out of an abundance of caution and have been offered credit monitoring and identity theft protection service for a period of one year without charge.

American Fidelity has taken steps to reduce the risk of similar incidents occurring in the future and attempts are being made to recover the debit card substantiation letters to ensure they can be disposed of securely.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.