St. Luke’s Health System has notified 15,246 patients about an accidental disclosure of some of their protected health information. A technical error with a mailing resulted in letters being sent to incorrect mailing addresses. The letters that were sent to incorrect patients included the guarantor’s name, guarantor number, patient’s name, date of service, encounter-specific account number, outstanding balance and balance status. St. Luke’s Health System said the accounts were not in collections and are not accountable for the balances.
The error was identified and corrected, and additional safeguards have now been implemented to identify similar errors before letters are mailed. As a precaution against misuse of data, the accounts of affected individuals have been reset to provide additional time to resolve balances and affected individuals have been offered complimentary identity theft protection services for 12 months.