Security News > 2008 > January > Fallon Community Health Plan reports data breach affecting 30, 000 members

http://www.telegram.com/article/20080124/ALERT01/769284629 By Bob Kievra Telegram & Gazette Staff January 24, 2008 WORCESTER -- Fallon Community Health Plan said this afternoon the names, dates of birth and Medicare identification numbers of approximately 30,000 Senior Plan members was on a laptop computer stolen earlier this month from a Boston-based vendor of the HMO. The health plan said it will offer free credit monitoring services for 12 months to those affected by the data breach. Fallon health plan officials said the data was not password protected or encrypted, in violation of the company's policies. "I deeply regret that this incident occurred,'' said President and Chief Executive Officer Eric H. Schultz. "I sincerely apologize for the inconvenience and trouble this theft may cause our members.'' Mr. Schultz said the laptop containing Fallon's information was one of three computers stolen from a Boston office on either Dec. 31 or Jan. 1. The vendor discovered the theft Jan. 2 and originally said the material had been encrypted. But the health plan, with the assistance of a forensic technologist, came to the conclusion Jan. 14 that the information was not protected. The data does not include any financial information such as bank account or credit card numbers or any home addresses. But it does include Medicare identification numbers, which usually consists of the person's or his or her spouse's Social Security number. The vendor was using the data to ensure that Medicare claims were being appropriately processed, Mr. Schultz said. ___________________________________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn

News URL

http://www.telegram.com/article/20080124/ALERT01/769284629