Records of more than 17K Medicaid patients in New York compromised by employee

Share this article:

An employee with the New York State Office of the Medicaid Inspector General (OMIG) is suspected of forwarding more than 17,000 records to a personal email account.  

How many victims? 17,743 records of Medicaid recipients.

What type of personal information? Includes, but may not be limited to, first and last name, date of birth, Medicaid client information number and Social Security number.

What happened?  An employee is suspected of accessing the records and emailing them to a personal account.

What was the response? The OMIG notified each potentially compromised individual and sent each person a letter containing instructions on how to monitor credit and protect against identity problems. OMIG has devised tighter controls in its information technology department to limit access to data. All agency employees have been retrained on data security.

Details: An employee is suspected of having made a personal decision, without agency involvement or authorization, to send the records of 17,743 Medicaid recipients to a personal email address. The employee is on administrative leave while the New York State Inspector General's Office conducts an investigation.

Quote: “OMIG expects all employees to act in a professional, ethical manner while in the workplace, and will not tolerate behavior that leads to the release of confidential information,” said Medicaid Inspector General James C. Cox in a release.

Source: omig.ny.gov, “OMIG Identifies Security Breach: Employee Suspected of Releasing Unauthorized Data,” July 15, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in The Data Breach Blog

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

Transcript website flaw exposed personal data on 98k users

NeedMyTranscripts.com expose users' names, addresses and dates of birth, among other information, due to a site flaw that one user discovered.

Sourcebooks payment card breach impacts more than 5,000 customers

More than 5,000 customers had personal information stolen, but roughly 9,000 notification letters were sent out as a precautionary measure.

Cyberswim notifies customers that payment card data may be at risk

Malicious software installed on Sept. 24 may have compromised personal information for visitors that made purchases between May 12 and Aug. 28.