BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Medicaid contractor loses provider's personal information

From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Mon, 11 Mar 2013 09:23:22 -0400
http://www.wral.com/medicaid-contractor-loses-provider-s-personal-information/12201020/

RALEIGH, N.C. — The contractor building North Carolina's over-budget
and overdue Medicaid billing system has lost a thumb drive containing
the personal information of thousands of Medicaid providers.

Officials with the North Carolina Department of Health and Human
Services and Computer Sciences Corp. announced the loss late Friday
afternoon.

According to DHHS, 1,182 North Carolina medical providers were
affected, but information regarding more than 50,000 providers
nationwide was compromised.

"The only providers involved are those prohibited by the federal
government from participating in the Medicare, Medicaid and all other
federal health care programs," the company said in a statement.
"Following a CSC-couriered interoffice delivery between CSC facilities
in North Carolina, a USB thumb drive of medical provider information
is unaccounted for. The provider data included provider names, Social
Security numbers, addresses and dates of birth and was stored
unencrypted on the thumb drive. The data does not include any
patient-related information."

Providers who have questions can contact a dedicated CSC information
hotline set up for this incident at 1-800-957-7154.

“We expect our vendors to maintain the security of information,” DHHS
Secretary Aldona Wos said in a statement. “I have instructed CSC that
North Carolina expects an independent third-party assessment to assure
CSC’s adherence to required security standards.”
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.
Previous By Date Next
Previous By Thread Next

Current thread: