Health insurer Centene is missing six hard drives that contain the personal health information of 950,000 individuals, the company revealed Monday.
The breach compromised names, addresses, dates of birth, Social Security numbers, member ID numbers and health information of consumers who received laboratory services between 2009 and 2015. The drives were a part of a data project that used laboratory results to improve the health outcomes of Centene's members, Michael F. Neidorff, chairman, president and CEO of Centene, said in the company's announcement.
"Centene takes the privacy and security of our members' information seriously," he said. "While we don't believe this information has been used inappropriately, out of abundance of caution and in transparency, we are disclosing an ongoing search for the hard drives."
The insurer said it has started the process of notifying all affected members and appropriate regulatory agencies. In addition, Centene will offer free credit monitoring to all affected members and will review how it manages its IT assets.
Data breaches are becoming increasingly common for health insurers. Just last week, Blue Shield of California announced that a misuse of customer service representatives' log-in information exposed the personal data of 21,000 customers last year.
The industry also is a frequent target of cyberattacks, including those that have hit Premera Blue Cross, Excellus BlueCross BlueShield, CareFirst and Anthem. In response, the Blue Cross Blue Shield Association now offers free identity protection services to all its 106 million members. But as cybersecurity expert Mac McMillan previously told FierceHealthPayer, to truly solve their data security issues payers must focus more on proactive solutions to breaches rather than reactive fixes.
One way to protect healthcare organizations from cyberattacks is to implement multiple layers of protections that are backed by systems to detect hackers before they are able to breach a company's defenses, according to FierceHealthIT.
To learn more:
- here's the Centene announcement
Security breach exposes info of Blue Shield of California members
Simulation shows health plans must do more to prepare for cyberattacks
The key ingredient to cybersecurity: Layers
Survey: 81 percent of C-suite execs have seen cyberattacks at their facilities
BCBS Association's identity protection offer 'generous,' but does it go far enough?