Home page logo

isn logo Information Security News mailing list archives

Lost USB drive source of breach for Utah Medicaid patients
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 24 Jan 2013 02:15:04 -0600 (CST)


By Editorial staff
Clinical Innovation + Technology
Jan 23, 2013

The Utah Department of Health (UDOH) has begun the process of notifying approximately 6,000 Medicaid clients that some of their personal information was misplaced by a third-party contractor. The contractor, Goold Health Systems, processes Medicaid pharmacy transactions for the UDOH.

In violation of department policy and its contract with the department, a Goold employee saved personal health information on an unencrypted, portable USB memory device and then left UDOH headquarters with the device, according to a release. The employee misplaced the device while traveling between Salt Lake City, Denver and Washington, D.C. Goold confirmed the data were missing on Jan. 15.

Personal information included in the data is limited to a Medicaid recipient’s name, Medicaid identification number, age (but not date of birth) and recent prescription drug use history.

The department is taking steps to protect the affected Medicaid identification numbers against potential fraudulent use. The Office of the Inspector General for Medicaid Services has been alerted to the situation and will also be monitoring for suspicious activity. In addition, the Office of the Health Data Security Ombudsman will commit its full resources to assisting affected clients in any way they need.


Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!

  By Date           By Thread  

Current thread:
  • Lost USB drive source of breach for Utah Medicaid patients InfoSec News (Jan 24)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]