Home page logo

dataloss logo Data Loss mailing list archives

Lost USB drive source of breach for Utah Medicaid patients
From: security curmudgeon <jericho () attrition org>
Date: Thu, 24 Jan 2013 02:24:45 -0600 (CST)

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>


By Editorial staff
Clinical Innovation + Technology
Jan 23, 2013

The Utah Department of Health (UDOH) has begun the process of notifying 
approximately 6,000 Medicaid clients that some of their personal 
information was misplaced by a third-party contractor. The contractor, 
Goold Health Systems, processes Medicaid pharmacy transactions for the 

In violation of department policy and its contract with the department, a 
Goold employee saved personal health information on an unencrypted, 
portable USB memory device and then left UDOH headquarters with the 
device, according to a release. The employee misplaced the device while 
traveling between Salt Lake City, Denver and Washington, D.C. Goold 
confirmed the data were missing on Jan. 15.

Personal information included in the data is limited to a Medicaid 
recipient?s name, Medicaid identification number, age (but not date of 
birth) and recent prescription drug use history.

The department is taking steps to protect the affected Medicaid 
identification numbers against potential fraudulent use. The Office of the 
Inspector General for Medicaid Services has been alerted to the situation 
and will also be monitoring for suspicious activity. In addition, the 
Office of the Health Data Security Ombudsman will commit its full 
resources to assisting affected clients in any way they need.


Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list


Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

  By Date           By Thread  

Current thread:
  • Lost USB drive source of breach for Utah Medicaid patients security curmudgeon (Jan 25)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]