HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

PHI of 3,000 Patients Exposed Due to Mailing Printing Error

Maximus Inc, a provider of business process management and technology solutions to government health and human services agencies, is alerting more than 3,000 individuals that some of their protected health information has been accidentally disclosed to other individuals as a result of a printing error on a recent mailing.

The mailing was prepared and sent by its business associate, Business Ink, between February 10 and February 13, 2018. The mailing was sent to approximately 1,100 families in Texas who participated in Medicaid and the Children’s Health Insurance Program (CHIP). The error was discovered by Maximus on February 16.

The 6-page letter included one mismatched page that included information relating to another individual. The types of information detailed on the page were limited to names, addresses, group numbers, case numbers, and program type. No highly sensitive information such as Social Security numbers, birth dates, insurance information, or financial information was exposed, and none of the information detailed on the mismatched pages would allow another individual to gain access to another person’s program account.

Since the information exposed was extremely limited, affected individuals do not need to take any action to mitigate risk. Notifications were issued out of an abundance of caution.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

Maximus has investigated the incident and has received assurances that its mailing vendor has strengthened its printing processes to ensure similar errors are prevented in the future. No reports have been received to suggest any of the disclosed information has been misused in any way.

According to Databreaches.net, 3,029 individuals had information impermissibly disclosed as a result of the printing and mailing error.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.