Health Net Loses Information for 450,000 Clients
By LEANNE GENDREAU
Updated 3:24 PM EST, Wed, Nov 18, 2009
The personal information for almost half a million Connecticut residents could be at risk after a portable disk drive disappeared from Health Net six months ago.
The portable disk drive disappeared from Health Net’s Shelton office in May, Attorney General Richard Blumenthal said.
Health Net is a regional health plan and the drive included health information, social security number and bank account numbers for all 446,000 Connecticut patients, he said. The information had been compressed, but not encrypted, although a specialized computer program is required to read it.
Health Net officials said they were not able to determine which information was on the disk, so they investigated and learned the information was saved in an image format that cannot be read without special software, but it contained personal information for many past and present Health Net members.
Blumenthal said he’s “outraged” that the company never told customers or police and only told the AG on Wednesday.
Blumenthal is investigating and demanding that Health Net provide consumers with at least two years of identity theft protection, identity theft insurance, reimbursement for credit freezes and credit monitoring for at least two years for all 446,000 consumers.
The state Insurance Department is also investigating and looking for information, including what led to the disc drive disappearing, what information is missing, HealthNet’s security procedures and changes they plan.
Health Net will provide credit monitoring for more than two years, free to all the people impacted who decide to use this service. If customers find suspicious activity between May 2009 and the date the identity protection service starts Health Net will provide assistance. They have not received any reports of data misuse.
“Health Net’s incomprehensible foot-dragging demonstrates shocking disregard for patients’ financial security, as well as loss of their highly sensitive and confidential personal health information,” Blumenthal said. “Personal information is like cash and should be guarded with equal care. Casual and cavalier attitudes toward data protection and breaches are intolerable and must stop.”
"Protecting the privacy of our members is extremely important to us," Health Net officials said in a statement. "We apologize for any inconvenience or concern this may cause our members."
First Published: Nov 18, 2009 1:35 PM EST
You Might Like
You have 2000 characters left
