An American health insurance provider has confirmed that it’s recently misplaced the personal medical records of almost a million of its policyholders, news which has sparked widespread customer concern and again serves to highlight the emotional frustrations felt by those who entrust such private details with health insurers. Along with names, addresses, policyholders’ dates of birth and specific health information regarding the individuals in question, Centene Corporation has admitted that a total of 6 hard drives containing social security and membership data has gone missing and remains unaccounted for, according to www.bbc.co.uk. While the corporation launched an immediate internal search on realising the significant error, it stressed that neither financial nor payment details belonging to the policyholders were stored on the drives which have been lost.
Stopping short of entirely ruling out the risk that the misplaced data could, potentially fall into the wrong hands and be facilitated in an inappropriate manner, Centene’s Chief Executive, Michael Neidorff nevertheless moved to reassure those policyholders’ whose private medical information has been breached that they were doing all that they could to establish the whereabouts of the hard drives, as part of the firm’s transparency. Describing what further roles the drives played, Neidorff said that they; “Were a part of a data project using laboratory results to improve the health outcomes of our members,” and with direct reference to the obvious client confidentiality issues raised, informed news sources that the drives held health data on about 950,000 people who had been in receipt of laboratory services between 2009 and 2015.
In response as to what Centene would offer policyholders affected by this serious lapse in patient/health insurance policyholder confidentiality practice, the company explained that it would make notifying policyholders its priority and said that it would also be offering them free healthcare monitoring. Fielding additional questions with regards to security procedures henceforth, and Centene confirmed that it would address this area with immediate effect and look to reinforce existing policy and protocols. As to whether or not the sensitive information logged on the hard drives was encrypted (a question posed by the BBC), Centene failed to provide answers.
Fear that Health Details of Sensitive Nature Could Fall into Wrong Hands, After Breach at US Insurance Policy Provider
Lawyers believe that due to the highly sensitive nature of the health information of its members found on the drives, Centene will be legally obliged to file a report for US regulatory authorities and will be handed subsequent fines should the date not be retrieved. Having said that the fact that Centene acted swiftly when discovering the lost data would help its case in the public’s eyes, although they feel that it won’t stop policyholders launching insurance claims for damages while the full extent of the problem is still being determined by all parties. Citing the key differences in terms of responsibilities, cause and effects, lawyers went as far as to say that in the event of the data being misplaced within the confines of the company itself, then damages will be significantly less than they would if it’s discovered that the information has been removed from Centene’s premises.
Experts state that Centene is in the business of affording those who are under-insured and/or uninsured health insurance solutions, effectively making medical data leaks even more damaging. In addition to the personal distress both the policyholders and their families will be subjected to, there’s also fears that in future those affected parties will find it even more of a challenge to secure health policies. From a security angle, the overriding concern is that should this data be accessed by the criminally intent, then the ensuing actions could result in individuals being conned into parting company with money, information and power by those whose purpose is to do harm. One of the largest health insurance security breaches to date was when some 1.1 million policyholders at another US-based health insurance provider, CareFirst were victims of hackers back in June 2015.