LSU database gaffe leads to HIPAA breach
May 17, 2013 in Medical Technology
Siemens Healthcare and Louisiana State University at Shreveport are notifying 8,330 patients of a HIPAA breach following a database mishap that resulted in billing and treatment information being mailed to the wrong patients.
“The issue was discovered when LSU began receiving calls from patients saying their bills were incorrect,”according to a notice on LSU’s website. “After an investigation, it was discovered that an error had occurred in one computer data entry field. When printing statements, this error caused the names and treatment information for one patient to incorrectly align with another person’s mailing address.”
LSU Shreveport Spokesperson Sally Croom said a variety of medical treament data was included such as complete blood count tests, vaccinations and other medical tests. The letters did not contain Social Security numbers, financial data and dates are birth, Croom added.
Officials discovered the breach March 18. Notification letters were mailed to affected patients May 15.
When asked whether Siemens Healthcare or LSU were responsible for the error, Croom said they were unsure. “That’s a question that’s going to come up (in the future),” she said.
This story will be updated.