• Home
• Topics
  • Business and Finance
  • Chronic Disease Care
  • Consumer Information
  • Data Standards
  • EHRs and PHRs
  • Global Health
  • Health Plans
  • Hospitals
  • Meaningful Use
  • Mobile Health
  • ONC
  • Patient Safety
  • Physician Practices
  • Policy
  • Privacy and Security
  • Public Health
  • Telehealth
• Perspectives
  • Current Perspectives
  • Perspectives Archive
• Features
  • Current Feature
  • Features Archive
• Data Points
  • Current Data Point
  • Data Point Archive
• Special Reports
• Most Popular
  • Most Viewed
  • Most Emailed
  • Most Commented

EVENTS

View All Events

FROM THE FOUNDATION

Informing Choices, Improving Outcomes

The California Joint Replacement Registry collects data on device efficacy, surgical techniques, and patient outcomes for hip and knee replacements. A new report details how this CHCF-sponsored effort is faring.

On Friday, Utah Department of Health officials said that a recent data breach involved information on 181,604 Medicaid and Children's Health Insurance Program beneficiaries, more than the agency initially reported, the Salt Lake Tribune reports (Henetz, Salt Lake Tribune, 4/6).

Background

Last week, UDOH announced that a data breach occurred on March 30 as Utah Department of Technology Services technicians were exchanging computer servers.

Initially, the agency reported that the breach involved about 24,000 Medicaid files.

Stephen Fletcher -- executive director of UDTS -- said it appeared that "very sophisticated" hackers used passwords to access a server, but officials are uncertain about how the hackers bypassed security.

Michael Hales -- deputy director and Medicaid director for UDOH -- said the state's computer servers normally are protected with several security measures. However, the measures were not in place for the breached server.

Beneficiary data stored on servers like the one breached could include:

• Names;
• Birth dates;
• Addresses; and
• Social Security numbers.

Health care provider data on such servers could include:

• Names;
• National provider identifiers;
• Addresses;
• Tax identification numbers; and
• Procedure codes for billing purposes (iHealthBeat, 4/5).

Breach Update

UDOH officials said on Friday that although 24,000 files were stolen, each file potentially contains data on hundreds of beneficiaries (AP/Bloomberg Businessweek, 4/6).

Officials said that at least 25,096 beneficiaries "appear to have had their Social Security numbers compromised."

State Response

Hales in statement said, "We understand clients are worried about who may have accessed their personal information, and that many of them feel violated by having their information compromised." He added, "But we also hope they understand we are doing everything we can to protect them from further harm" (Conn, Modern Healthcare, 4/6).

Last week, UDOH spokesperson Tom Hudachko said the affected server has been shut down. Officials also said they are examining all state servers and reviewing policies to ensure that effective security measures are in place.

UDOH plans to mail letters to individuals whose records were compromised. In addition, those affected will receive no-cost credit monitoring services, according to Hudachko (iHealthBeat, 4/5).

• Print
• Email
• Share
  • Facebook
  • Twitter
  • Google+
  • LinkedIn
  • Digg

RELATED STORIES

04/05/2012

Utah Medicaid Data Breach Could Affect at Least 24,000 Individuals

03/27/2012

FTC Offers Guidance on Protecting Privacy of Consumer, Health Data

03/14/2012

BCBS of Tennessee To Pay $1.5M Over 2009 Health Data Breach

MOST POPULAR ARTICLES

• 
• 
•