Indiana Medicaid members may have had their healthcare records compromised when a third-party vendor mistakenly made public a link to the data.
RTV6 reported that DXC Technology, the fiscal agent for the Indiana Health Coverage Program, made a hyperlink to a site containing patient information viewable to unauthorized personnel between February and May 2017. The information that was exposed included Medicaid ID numbers, names and addresses of the health care providers, patient numbers, procedure codes, dates of service, and payment amounts.
Indiana's Family and Social Services Administration, which manages the state's Medicaid program, has stated that no financial information or Social Security information was placed at risk. In addition, both DXC and the Family and Social Services Administration do not believe any of the patient information was stolen, but the agencies are sending letters to those possibly compromised as a precaution.