FROM THE FOUNDATION

Patient Health Data, Understood

Most patient health records today are hard for consumers to understand. CHCF asked high-end designers what a "human-centered" approach might look like.

The Health Datapalooza

Register now for the June 5-6 HDI Forum III in Washington, DC, on health innovation that will include renowned speakers, breakout sessions, and an apps expo replete with demos, developers, and designers.

Privacy and Security

Tuesday, January 26, 2010

Tab for Response to Data Breach Hits $7 Million for BCBS of Tennessee

BlueCross BlueShield of Tennessee has announced that it has spent more than $7 million to respond to a security breach that might have compromised members' personal and health data, the Chattanooga Times Free Press reports.

Background

In October 2009, 57 hard drives were stolen from a company training facility. The hard drives contained audio and video files with identifying information for up to 500,000 members.

Officials say they have not encountered any evidence that the missing data have been accessed or misused.

The insurer has notified 220,000 BlueCross members about the data theft. The company also is offering no-cost credit-monitoring services for affected members.

In addition, BlueCross is working to notify attorneys general in 32 states about the breach. The 2009 federal economic stimulus package requires such disclosures about health data breaches.

Expenditures

BlueCross officials said 20,500 members already have signed up for the no-cost credit-monitoring services.

In addition, the company has hired more than 700 contract and BlueCross employees to help determine what data the hard drives contained.

The insurer said it might need to spend significantly more money to evaluate the missing data and provide additional identity protection services (Flessner, Chattanooga Times Free Press, 1/26).



Readers are also invited to send feedback to: ihb@chcf.org
Click to register for iHealthBeat

MOST POPULAR ARTICLES