Cynthia Silhol requested her own medical records from Brooksville, Fla.-based Oak Hill Hospital, but instead, she allegedly received 256 pages of a stranger's health information, WTSP reports.
The documents Ms. Silhol received contained an Ohio patient's name, address, date of birth, Medicare ID number and Social Security number, which Ms. Silhol believes constitutes a HIPAA violation.
Someone has since picked up the wrong medical records from Ms. Silhol's house, and she expects her records to be delivered May 10. "I'm very upset," she told WTSP. "I really am … I have no idea where my records are. Who got mine?"
Oak Hill Hospital, which is owned by Nashville, Tenn.-based HCA Healthcare, told WTSP: "Protecting the security of our patients' records is something we take very seriously, and we apologize for this mistake, which we are correcting … We have retrieved the patient record, we are conducting a process review to help ensure this doesn't happen again, and we will be notifying those affected."
More articles on cybersecurity:
The Oregon Clinic notifies patients to PHI breach following compromised email account
OIG finds holes in military's EHR security, facilities could be fined up to $1.5M
6 cloud-based systems in the City of Tulsa hacked