VGM Homelink

A business associate (BA), Tri State Adjustments, of the covered entity (CE), VGM Homelink, committed a programing error which resulted in individuals receiving the wrong billing statements. This breach affected approximately 1,400 individuals and included patients’ names, addresses, insurance information, and the medical equipment provided to them. The CE provided breach notification to HHS, affected individuals, and the media, and placed a notification about the breach on its website. The CE required its BA to implement new safeguards to prevent a similar breach from occurring. As a result of OCR’s investigation, the CE had its BA update its policy and procedures for Breach Rule notification.
Location of breached information: Paper/Films
Business associate present: Yes