Menu
Blue Shield discloses 18,000 doctors' Social Security numbers

Blue Shield discloses 18,000 doctors' Social Security numbers

A mistake left thousands of Social Security numbers in publicly available files

The Social Security numbers of roughly 18,000 California physicians and health-care providers were inadvertently made public after a slip-up at health insurance provider Blue Shield of California, the organization said Monday.

The numbers were included in monthly filings on medical providers that Blue Shield is required to make to the state's Department of Managed Health Care (DMHC). The provider rosters for February, March and April 2013 included the data and were available under the state's public records law.

"Because they did not recognize their error, Blue Shield did not mark the rosters as confidential or otherwise alert the DMHC to the inclusion of the SSNs," the Department of Managed Health Care said in a letter to affected individuals.

The rosters included the Social Security numbers of providers along with their names, business addresses, business telephone numbers, medical groups and practice areas, and were released 10 times as a result of public records requests. Combined with other information, SSNs can be used in identity theft.

The requesters were other insurance companies, their attorneys and two members of the media, said Marta Green, a spokeswoman for DMHC. The department is contacting the requesters to ask that they destroy the CDs that contain the SSNs in return for new CDs with the SSNs deleted.

Typically, such requesters are using the data to evaluate their competitors, she said. As such, there is a low possibility that the data would be used for unscrupulous reasons.

Blue Shield said on Monday that it learned of the mistake after being notified by the Department of Managed Health Care. It has worked with the agency to notify the affected providers and to offer them free credit monitoring for one year, said Sean Barry, a spokesman for the organization.

"We have taken several steps to prevent this mistake from happening again," Barry said.

DMHC said it has instigated new software routines that will attempt to detect when providers make such errors in the future.

Martyn Williams covers mobile telecoms, Silicon Valley and general technology breaking news for The IDG News Service. Follow Martyn on Twitter at @martyn_williams. Martyn's e-mail address is martyn_williams@idg.com


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags securitydata breachBlue Shield of Californiahealth careindustry verticals

Featured

Slideshows

Sizing up the NZ security spectrum - Where's the channel sweet spot?

Sizing up the NZ security spectrum - Where's the channel sweet spot?

From new extortion schemes, outside threats and rising cyber attacks, the art of securing the enterprise has seldom been so complex or challenging. With distance no longer a viable defence, Kiwi businesses are fighting to stay ahead of the security curve. In total, 28 per cent of local businesses faced a cyber attack last year, with the number in New Zealand set to rise in 2017. Yet amidst the sensationalism, media headlines and ongoing high profile breaches, confusion floods the channel, as partners seek strategic methods to combat rising sophistication from attackers. In sizing up the security spectrum, this Reseller News roundtable - in association with F5 Networks, Kaspersky Lab, Tech Data, Sophos and SonicWall - assessed where the channel sweet spot is within the New Zealand channel. Photos by Maria Stefina.

Sizing up the NZ security spectrum - Where's the channel sweet spot?
Show Comments