Michigan Long Term Care HIPAA Breach Affects 2,595 Patients
The Michigan Department of Community Health (MDCH) has issued a notice of a data breach that occurred when a laptop computer and flash drive containing the personal information of about 2,595 patients were stolen from an employee of the State Long Term Care (LTC) Ombudsman’s Office.
The laptop and flash drive were stolen the evening of Jan. 30 or early morning Jan. 31, and MDCH learned about the breach on Feb. 3. Information on the laptop was encrypted; however, data on the flash drive was not and contained sensitive information regarding participants that the LTC Ombudsman’s Office serves.
The flash drive contained personal information about 2,595 living and deceased individuals, including names and addresses, and for some individuals, dates of birth. Of those, 1,539 records also included a Social Security number or a Medicaid identification number, MDCH officials said in the notice. The theft has been reported to the police, but, to date, the laptop and flash drive have not been recovered, they said.
All individuals with data on the flash drive are being notified so that they can monitor their accounts and other financial affairs for any unauthorized use. MDCH is working with the LTC Ombudsman’s Office to offer credit monitoring services at no cost to people whose Social Security number or Medicaid number were compromised. In addition, a credit file death suppression service is being offered to the families of deceased individuals to assist them in securing their deceased loved one’s credit file, officials said.
