E-Mail:

CalOptima Loses Unencrypted Data

Tuesday, October 27th, 2009 by forsythe at 11:02am
1 Response (Add)

Encryption is really not that difficult. Really, it isn’t. Chris Pirillo even recommends programs that turns encryption into an easy process. An organization like CalOptima must have technology people who are familiar with the security benefits of encryption. It begs the question: ‘why isn’t it done?‘:

“… Personally identifiable information on about 68,000 members of CalOptima, a Medicaid managed care plan serving Orange County, Calif., may have been compromised after several CDs containing the information went missing earlier this month.

The unencrypted data on the CDs includes member names, home addresses, dates of birth, medical procedure codes, diagnosis codes and member ID numbers, and an unspecified number of Social Security numbers.”

link: CalOptima says data on 68,000 members may be compromised

Not only are the exposed data susceptible to identity theft, this makes medical identity theft simple. All the data are there. And medical identity theft simply can lead to deadly consequences.

Catherine Forsythe

Update: October 29, 2009: CalOptima recovers discs with personal data on 68,000 members

Tags
Categories

One Comment

Laer

October 29th, 2009
at 10:33am

This matter has been resolved successfully. From today’s Orange County Register healthcare blog:

Lost personal information of Medi-Cal members is found
October 29th, 2009, 6:00 am by Courtney Perkes

CalOptima, the county’s Medi-Cal provider, has found lost electronic claims records that contain identifying information belonging to as many as 68,000 members.

Discs of data were lost two weeks ago after being sent certified mail by CalOptima’s scanning vendor. When only the packaging arrived, but not the box with the discs, CalOptima notified the state. On Wednesday, the U.S. Postal Service located the discs in Atlanta, said Margaret Tatar, director of public affairs.

The discs were not password protected, but it appears no one accessed the confidential information, Tatar said.

CalOptima had planned to send letters notifying members of the lost information and offering them credit monitoring services. Anyone with questions should call 800-509-4225 or visit http://www.caloptima.org

The medical record data for adults and children included names, addresses, birthdays and some Social Security numbers.

What Do You Think?