The answer to the case was that it is indeed a breech if the other patient was not an employee. It would require notification to the patient who's info was sent in error.
IF the other patient was an employee, in the case the question the incorrect statement was sent to a HIPAA trained ICU nurse, this would not be a breech because the nurse was an employee and destroyed the errant statement.
"This instance is not a privacy breach because the circumstance falls within the exceptions to the statutory definition of breach.
1.Any inadvertent disclosure by a person who is authorized to access protected health information at a covered entity or business associate to another person authorized to access protected health information at the same covered entity or business associate, or organized health care arrangement in which the covered entity participates, and the information received as a result of such disclosure is not further used or disclosed in a manner not permitted under the regulations governing protected individually identifiable health information at 45 C.F.R section 164.500-164.534
2.Any unintentional acquisition, access, or use of protected health information by a workforce member or person acting under the authority of a covered entity or a business associate, if such acquisition, access or use was made in good faith and within the scope of authority and does not result in further use or disclosure in a manner not permitted under the regulations governing protected individually identifiable health information at 45 C.F.R section 164.500-164.534"
So there you have it. Thank you for responding