In a developing story, it has recently been reported that in the past few weeks over 200,000 people insured through Blue Cross in the state of Georgia have had their personal information compromised.  It appears that a mix up in the mailing system resulted in benefit letters being sent to the wrong people.  In some instances, people received multiple benefit letters from a number of people.  While this information is still only in its initial stages, certain people affected are already talking about pressing charges against Blue Cross while there are murmurings about the possible repercussions the company will receive for violating HIPAA regulations.

While the total number of affected individuals is over 200,000, the number of people who might have their identity stolen is a smaller figure.  Although no exact total has been given, only some of the letters contained the social security number of the patients.  However, the tradeoff is that every letter contained name, address, patient ID number, recent medical tests conducted, some diagnosis, and billing information.  This billing information can contain the full credit card or bank account number where previous transactions have taken place.

The mix up in the mailing system came about through a change in the computer system that was not adequately tested before it went into effect.  As a result, Blue Cross is working with its parent company, WellPoint, to make sure that adequate security measures are added to the computer systems so that future problems do not result.  A large concern for Blue Cross and many people is that the company represents many teacher unions and large companies throughout the state.  Blue Cross was unwilling to provide a list of these major businesses when they were contacted earlier in the day.  The company has assured the public though that they are working with investigators to limit the damage done to people’s lives.  They are compiling information about everyone affected and the names and addresses of everyone who received the information incorrectly.  The company has also set up a hotline that people can call in order to report that they have been a victim of identity theft or to report that they received a letter for someone else.  Blue Cross will then send out a postage paid envelope to get the return of that information.

Blue Cross has said that it will provide a years worth of free credit monitoring to those people whose social security numbers appeared on the letters.  This type of service is provided through ID theft services, such as Lifelock.  Lifelock and other companies maintain contacts with all three credit bureaus and alert their customer whenever a new application is filed, such as a credit card or loan.  It then verifies that the customer is the one submitting this information.  if it proves to be a fraudulent attempt, it is stopped before it goes through and prevents identity theft from happening.

Tags: Blue Cross, lifelock

This entry was posted on Friday, August 8th, 2008 at 9:27 pm and is filed under Corporate Breaches, Government Breaches, Individuals. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.