Generic selectors
Exact matches only
Search in title
Search in content
Search in posts
Search in pages
our-team
practice-areas
investment-products

Investigations

Goldman Scarlato & Penny Investigating Centene Security Lapse

Data Information of 950,000 Patients Missing

GSP, P.C. is investigating a possible claim on behalf of all persons whose private information was compromised as a result of the loss of six hard drives as announced by healthcare enterprise Centene Corporation (“Centene”) on January 26, 2016.

According to recent news reports, Centene lost six hard drives containing the personal records of almost 1 million patients.  The missing data from the Centene security lapse includes the names, addresses, phone numbers, dates of birth, social security numbers, membership details and health information of patients who received laboratory results between 2009 and 2015.  Centene claims the drives did not contain financial information or payment records.

Centene is listed as a Fortune 500 company.  It claims to be “a diversified, multi-national healthcare enterprise that provides a portfolio of services to government-sponsored healthcare programs, focusing on under-insured and uninsured individuals.”  But is it secure?

Recently, data breaches are running rampant and the health care industry has been on high alert.  While most companies are taking a closer look at data security, one has to wonder how such a big company can have such a lapse in security and misplace its hard drives.

Centene’s President and CEO, Michael F. Neidorff, stated that “Centene takes the privacy and security of our members’ information seriously. . . While we don’t believe this information has been used inappropriately, out of abundance of caution and in transparency, we are disclosing an ongoing search for the hard drives. The drives were a part of a data project using laboratory results to improve the health outcomes of our members.”  Granted, it was the right thing to do in taking the initiative to announce the loss, but it’s not possible for Centene to know whether the information has been used or will be used inappropriately.

The common fear is that the missing data has fallen into the wrong hands.  Patients fear possible embarrassment if friends and family learn their medical histories or that they may face trouble in securing healthcare insurance in the future.  However, the true impact could be more damaging and will take some time to be revealed. As we saw with the early 2015 data breach announcements by Premera Blue Cross and Anthem Inc., repercussions can be frightening. Coinciding with those two breaches were an alarming number of reports of stolen social security numbers being used to file false tax returns and claim refunds in the names of the persons whose identity was stolen. Potential fraudulent activity could also include health care fraud and obtaining credit cards in someone else’s name.

There’s not much Centene can do now other than check behind the bookshelves and in the trash cans.  It seems they are only now looking into tighter data security measures.  In an interview with the BBC, Centene refused to respond to “whether the information on the hard drives was encrypted” and how the loss occurred.  According to Centene, the search for the drives is “ongoing” and they are “beginning the process of notifying all affected individuals and all appropriate regulatory agencies.”  Free credit and health care monitoring will be offered as part of the notification to its customers, which may be too little, and too late.

If you receive a notice from Centene about the Centene security lapse indicating that your information was contained on the missing hard drives, please contact a GSP attorney to learn more about your rights. GSP attorneys are actively litigating data breach actions against Community Health Systems, Anthem, Premera, Intuit, United Shore and Target. Please contact Mark Goldman at goldman@lawgsp.com or Paul Scarlato at scarlato@lawgsp.com or call (484) 342-0700 with any questions you may have.  Please also check our websites:  www.lawgsp.com and www.anthemdataclassaction.com.

In our legal system, every person is innocent until and unless found guilty by a court of law or a tribunal. Whenever we reference “allegations” or charges that are “alleged,” such allegations or charges have not been proven, and are merely accusations, not findings of fault, as of the date of the blog. We do not have, nor do we undertake, a duty to continue to monitor or follow cases about which we report, and/or to publish subsequent updates regarding various developments that may occur in such cases. Readers are encouraged to conduct their own research regarding any such cases and any developments that may or may not have occurred in such cases. Also, the brokercheck report linked to some of our blogs is the up-to-date version as of the date of posting. Visitors may check the most recent version of each brokercheck report at www.finra.org.

Leave a Reply