Healthcare Information Security

Latest Health Data Breaches News

Misprinted bills expose Penn patient information

By Nicole Freeman

- University of Pennsylvania Health System (Penn) patients received bills containing both their information and that of other patients, according to a report from

RevSpring, a Michigan-based billing vendor used by Penn, believes the misprinted bills were caused by a printing malfunction. While the front of the statements were printed correctly, the reverse contained a second patient’s information.

Penn stated that the information was limited to patient names, physician names, service and test information, and the amount owed by the patient, and did not include dates of birth, diagnoses, insurance numbers, or Social Security numbers.

While an exact number of affected patients was not given, Penn noted that it was more than 1,000.

RevSpring reported the error to Penn on December 5, and has since notified affected patients and investigated the incident to prevent a recurrence.

The Department of Health and Human Services (HHS) says it won’t penalize unintentional breaches that are corrected within 30 days, but it’s unclear whether Penn’s response the breach would be enough from HHS’s perspective.


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...