Home GDPR #Privacy: Health Share of Oregon discloses data breach
GDPR - February 7, 2020

#Privacy: Health Share of Oregon discloses data breach

A stolen laptop has led to the exposure of personal information of Health Share’s members. 

On November 18, 2019, GridWorks IC, Health Share’s contracted non-emergent medical transportation vendor, suffered a break-in and theft, to which on January 2, 2020, Health Share discovered that a laptop had been stolen. 

The laptop contained member information including members’ names, phone numbers, addresses, dates of birth, Social Security numbers, and Medicaid ID numbers. No personal health histories were exposed. 

It is reported that 654,362 individuals’ personal information is involved.

Subsequently, Health Share will be sending letters to impacted members notifying them of the breach and offering one year of free credit monitoring and identity restoration services. 

Members who receive a letter are strongly urged to take advantage of the services offered as Health Share cannot confirm whether the individual who took the laptop found or used members’ information. 

In response to the breach, Health Share will be enhancing training policies and ensuring that the transmission of patient information is kept to a bare minimum. In addition, Health Share is expanding annual audits with its contractors. 

“Though the theft took place at an external vendor, we take our members’ privacy and security very seriously. We are ensuring that members, partners, regulators, and the community are made fully aware of this issue,” said Maggie Bennington-Davis, MD, interim CEO and Chief Medical Officer. 

“We are committed to providing the highest quality service to our members, which includes protecting their personal information.”

The post #Privacy: Health Share of Oregon discloses data breach appeared first on PrivSec Report.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

CISA believes SolarWinds attack could have been prevented with simple countermeasures

The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency…