California Breach Cause: Missing CD

State Agency Alerts 30,000
California Breach Cause: Missing CD
The California Department of Health Care Services has notified nearly 30,000 individuals of a breach stemming from the loss of a compact disk that may not have been encrypted.

The CD includes personal information for members of the Care 1st Health Plan. The managed care plan on April 7 delivered the CD to the state agency, which administers the state's Medi-Cal (Medicaid) program, to identify Care 1st members who are also Medi-Cal beneficiaries.

On April 29, when the information on the CD was scheduled to be processed, it was determined to be missing.

The state agency requires its trading partners to encrypt any information submitted, but Care 1st cannot confirm that it encrypted the missing CD.

Although the agency believes the CD is still on its premises, and it has no indication of inappropriate access to personal information, it has notified the affected individuals as well as the Department of Health and Human Services' Office for Civil Rights, as required under the HITECH Act's breach notification rule. The state agency is offering the individuals affected one year's worth of free credit monitoring.

The agency says it has taken steps to eliminate the use of CDs to transmit personal information and instead rely on secure electronic transfers. Care 1st now submits information using secure electronic transfer, the agency reports.


About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.