Topics
Reimbursement
Senators urge action on physician payment cut before end of lame duck session
Senators urge action on physician payment cut
Revenue Cycle Management
Trends 2025: The demand for interim revenue cycle executives
Trends 2025: The demand for interim revenue cycle executives
Strategic Planning
Advocate spending $1 billion on new hospital and outpatient services
Advocate spending $1B on new hospital and outpatient services
Capital Finance
Cigna nixes speculation of a Humana merger
Cigna nixes speculation of a Humana merger
Supply Chain
Feds shore up healthcare supply chain in wake of hurricanes Helene and Milton
Feds shore up supply chain in wake of hurricanes
Accounting & Financial Management
MultiPlan refinances to extend debt capital structure
MultiPlan refinances to extend debt capital structure
Budgeting
Health system operating margins declined in August
Health system operating margins declined in August
Quality and Safety
American Heart Association launching HCM initiative
American Heart Association launching HCM initiative
Billing and Collections
CFPB warns of illegal tactics by medical debt collectors
CFPB warns of illegal tactics by medical debt collectors
Claims Processing
Denials top reason for eroding provider-payer relationship
Denials top reason for eroding provider-payer relationship
Workforce
Male physicians have more net worth than female counterparts
Male physicians have more net worth than females
Operations
Healthcare execs more optimistic heading into the new year, survey finds
Health execs more optimistic heading into 2025
Medical Devices
Healthcare chatbots may promote racist misinformation
Healthcare chatbots may promote racist misinformation
Hospital/physician relations
Hospitals, physicians submit opposing views to FTC ruling on noncompetes
Hospitals, physicians submit opposing views to FTC ruling
Construction & Facilities Management
Children's Medical expands with new patient tower
Children's Medical expands with new patient tower
Compliance & Legal
Nebraska sues Change Healthcare over ransomware attack
Nebraska sues Change over ransomware attack
Policy and Legislation
Telehealth gets short extension, physician pay is cut in spending bill
Telehealth gets short extension, physician pay is cut in spending bill
Community Benefit
AMA pushes for stricter standards for hospital charity care policies
AMA pushes for stricter standards for hospital charity care policies
Accountable Care
NAACOS pushes ACO REACH extension after $1.54B in savings
NAACOS pushes ACO REACH extension
Acute Care
SDOH, tech key to advancing value-based care, says UHG
SDOH, tech key to advancing value-based care
Ambulatory Care
Cleveland Clinic and Amazon One Medical collaborate on primary care clinics
Cleveland Clinic and Amazon One Medical collaborate
Analytics
Interoperability in healthcare moving forward despite challenges
Interoperability in healthcare moving forward despite challenges
Business Intelligence
HIMSSCast: Research as restorative physician medicine
HIMSSCast: Research as restorative physician medicine
ICD-10 & Coding
Physician practices examine risk adjustment coding in wake of federal lawsuits
Practices keeping close watch on risk adjustment coding
Meaningful Use
Financial disincentives for providers who commit information blocking 
Financial disincentives for providers who commit information blocking 
Medicare & Medicaid
Andrew Witty on defense over claim denials, Medicare Advantage
Andrew Witty on defense over claim denials, Medicare Advantage
Patient Engagement
HHS, Illinois reach agreement on disability rights laws
HHS, Illinois reach agreement on disability rights
Pharmacy
Senate bill proposes to rein in PBMs by forcing them to sell pharmacy businesses
Senate bill proposes to rein in PBMs
Population Health
Weight loss drugs can save patients and healthcare dollars
Weight loss drugs can save patients and healthcare dollars
Risk Management
UPMC for You partners to offer Medicaid redetermination coverage in laundromats
UPMC for You offers Medicaid redetermination coverage in laundromats
Telehealth
Trends 2025: Telehealth's future faces a Friday deadline
Trends 2025: Telehealth's future faces a Friday deadline
Mergers & Acquisitions
Elevance closes deal to buy IU Health Plans
Elevance closes deal to buy IU Health Plans
View more
Feb 15, 2018 More on Compliance & Legal

After $3.5 settlement over HIPAA violations, Triple-S reports mailing breach

In early December, Triple-S Advantage discovered that notices sent in November to providers were mailed to the wrong address.

Beth Jones Sanborn, Managing Editor

Roughly two years after getting hit with a $3.5 million settlement with the Health and Human Services Office for Civil Rights for widespread failure to safeguard patient's protected health information, Puerto-Rico based insurance company Triple-S Advantage has reported another breach, this time in the form of a mailing gone wrong.

In early December, Triple-S Advantage discovered that notices sent in November to providers involved in treating the insurer's members were mailed to the wrong address, compromising the protected health information contained in the notices. The company investigated the misstep and has taken steps to ensure future notices are mailed to the proper addresses. This included a correction of the mailing process and completion of a test to send the letters to the correct addresses. The social security numbers and dates of birth of members were not disclosed, the company said.

The company said they have not received any indication that the information has been accessed or used by an unauthorized individual. Triple S suggested that members review Explanation of Benefits notices to make sure that the services listed are accurate. They also told members to make sure they continue to receive documents that are normally received regarding healthcare services or benefits.

"Triple-S Advantage has a strong commitment to protecting the confidentiality of our members' sensitive information. We take information privacy very seriously and it is important to us that our members are made fully aware of a potential privacy issue. We have learned that personal information of some of our members, including their name, health plan identification number, date of service in which treatment was provided, and treatment codes describing the service provided was mailed to the wrong address," the company said in a statement.

This latest incident does not bode well for a company already under a corrective action agreement with OCR as a result of a settlement over widespread HIPAA violations related to a company-wide failure to keep safe the PHI of members on the part of Triple-S and its subsidiaries. This included failure to implement appropriate safeguards for PHI, disclosure of PHI to outside vendors and the disclosure of more PHI than was needed for a particular mailing. 

To achieve good-standing with OCR, Triple-S is required to create a risk analysis and risk management plan; processes to identify and address environmental or operational changes affecting PHI security; policies and procedures to facilitate HIPAA compliance; and a training program for all workforce and business associates.

Twitter: @BethJSanborn
Email the writer: beth.sanborn@himssmedia.com

News
Healthcare organizations ask HHS to delay quality measure reporting for ACOs Healthcare organizations ask HHS to delay quality measure reporting for ACOs The American Hospital Association and American Medical Association are among the 11 organizations signing the letter.