The names, addresses and some health information of 280,000 Medicaid enrollees in Pennsylvania could be at risk after two affiliated managed care organizations reported the loss of a hard drive from a portable computer.
The hard drive went missing in the corporate offices of either Philadelphia-based Keystone Mercy Health Plan or Harrisburg-based AmeriHealth Mercy Health Plan, the Philadelphia Inquirer reports. The two companies cover a total of 400,000 Medicaid patients in the state.
According to the Inquirer, the lost drive, used at community health fairs, contained health plan ID numbers and some health information of hundreds of thousands of members. It also held the last four digits of the Social Security numbers of 801 plan members.
"We take our responsibilities for safeguarding personal health information very seriously. We have taken immediate steps to strengthen our operational protections to ensure this doesn't happen again," Keystone Mercy Health Plan and AmeriHealth Mercy Health Plan President Jay Feldstein said in a written statement. Feldstein also heads Pennsylvania Managed Care Plans, which was not directly involved in the potential breach, the Inquirer reports.
The two health plans will provide credit monitoring to those whose Social Security numbers were placed at risk and will strengthen security practices. The Inquirer says that the insurers did not respond to numerous requests for additional details about the incident, which regulatory authorities have been notified or what the enhanced security will entail.
To learn more:
- read this Philadelphia Inquirer story