Ann Arbor-based Michigan Medicine began notifying roughly 3,700 patients on Sept. 28 about a mailing error that may have inadvertently exposed their names and contact information.
The potential breach stemmed from a fundraising campaign the Michigan Medicine development office launched in early September. It contracted with a printing company to mail letters about the campaign to a large number of patients.
The hospital discovered on Sept. 4 that a portion of the letters had been incorrectly processed by the vendor, resulting in letters being mailed to the incorrect patient.
Information in the letters primarily included names and addresses, but some letters also included phone numbers or email addresses. No medical information, Social Security numbers, credit or debit card, or bank account numbers were exposed.
The errors stemmed from a change in the vendor's computers after new software had been installed. The vendor has since addressed the issue to prevent future errors, and the development office will begin using window envelopes to avoid the need to match letters to envelopes.