Data Information of 950,000 Patients Missing
GSP, P.C. is investigating a possible claim on behalf of all persons whose private information was compromised as a result of the loss of six hard drives as announced by healthcare enterprise Centene Corporation (“Centene”) on January 26, 2016.
According to recent news reports, Centene lost six hard drives containing the personal records of almost 1 million patients. The missing data from the Centene security lapse includes the names, addresses, phone numbers, dates of birth, social security numbers, membership details and health information of patients who received laboratory results between 2009 and 2015. Centene claims the drives did not contain financial information or payment records.
Centene is listed as a Fortune 500 company. It claims to be “a diversified, multi-national healthcare enterprise that provides a portfolio of services to government-sponsored healthcare programs, focusing on under-insured and uninsured individuals.” But is it secure?
Recently, data breaches are running rampant and the health care industry has been on high alert. While most companies are taking a closer look at data security, one has to wonder how such a big company can have such a lapse in security and misplace its hard drives.
Centene’s President and CEO, Michael F. Neidorff, stated that “Centene takes the privacy and security of our members’ information seriously. . . While we don’t believe this information has been used inappropriately, out of abundance of caution and in transparency, we are disclosing an ongoing search for the hard drives. The drives were a part of a data project using laboratory results to improve the health outcomes of our members.” Granted, it was the right thing to do in taking the initiative to announce the loss, but it’s not possible for Centene to know whether the information has been used or will be used inappropriately.
The common fear is that the missing data has fallen into the wrong hands. Patients fear possible embarrassment if friends and family learn their medical histories or that they may face trouble in securing healthcare insurance in the future. However, the true impact could be more damaging and will take some time to be revealed. As we saw with the early 2015 data breach announcements by Premera Blue Cross and Anthem Inc., repercussions can be frightening. Coinciding with those two breaches were an alarming number of reports of stolen social security numbers being used to file false tax returns and claim refunds in the names of the persons whose identity was stolen. Potential fraudulent activity could also include health care fraud and obtaining credit cards in someone else’s name.
There’s not much Centene can do now other than check behind the bookshelves and in the trash cans. It seems they are only now looking into tighter data security measures. In an interview with the BBC, Centene refused to respond to “whether the information on the hard drives was encrypted” and how the loss occurred. According to Centene, the search for the drives is “ongoing” and they are “beginning the process of notifying all affected individuals and all appropriate regulatory agencies.” Free credit and health care monitoring will be offered as part of the notification to its customers, which may be too little, and too late.
If you receive a notice from Centene about the Centene security lapse indicating that your information was contained on the missing hard drives, please contact a GSP attorney to learn more about your rights. GSP attorneys are actively litigating data breach actions against Community Health Systems, Anthem, Premera, Intuit, United Shore and Target. Please contact Mark Goldman at [email protected] or Paul Scarlato at [email protected] or call (484) 342-0700 with any questions you may have. Please also check our websites: www.lawgsp.com and www.anthemdataclassaction.com.