BreachExchange mailing list archives
Blue Cross blames vendor for breach of customer information in R.I.
From: Destry Winant <destry () riskbasedsecurity com>
Date: Fri, 14 Sep 2018 00:24:32 -0500
http://www.providencejournal.com/news/20180912/blue-cross-blames-vendor-for-breach-of-customer-information-in-ri PROVIDENCE, R.I. — Blue Cross & Blue Shield of Rhode Island has disclosed a breach of personal health-care information affecting 1,567 people that the insurer blames on an unnamed vendor responsible for sending benefits explanations, also known as health-care services summaries, to members. In a media release Tuesday afternoon, the insurer said that some summaries “were sent to the wrong BCBSRI member in the same household or on the same family policy ... In no case, however, was any information disclosed to anyone other than a family member or a person covered on the same family policy.” The mistake stemmed from Blue Cross’ use of a vendor “to combine healthcare service summaries for some members who were covered on the same policy in an effort to reduce the number of summaries members received. In mid-July, BCBSRI learned that in some instances, the summaries were being combined incorrectly by the vendor, resulting in summaries being sent to the wrong family member or other person covered on their family policy.” On discovering what happened, the insurer said, “we immediately directed the vendor to stop combining healthcare services summaries. For now, members are receiving an individual summary for each service while BCBSRI explores a long-term solution that would allow services to be grouped into one summary.” According to BCBSRI, summaries include a member’s name, the BCBSRI ID number, service provider, type of service provided and cost of a claim. “A member’s social security number and date of birth are not included in these summaries,” the insurer said. “We believe the risk of identity theft as the result of this issue is very low because social security number was not included and the person receiving the information was a family member or person covered on the same family policy.” In its statement, the insurer apologized and said it “takes the confidentiality of our members seriously.” Affected members will receive notification by mail and those with questions may call 1-800-639-2227. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Blue Cross blames vendor for breach of customer information in R.I. Destry Winant (Sep 14)