Data breach affects thousands in Georgia Medicaid, PeachCare

Andy Miller

A health insurer’s data breach has affected 148,334 Georgians on Medicaid or PeachCare for Kids, state officials say.

That total includes current and former Medicaid and PeachCare members from 2009 to 2015.

The breach occurred when health insurer Centene lost computer hard drives containing about 950,000 individuals’ personal data, including name, address, date of birth, Social Security and member ID numbers, and health information.

Centene, based in St. Louis, is the parent company of Peach State Health Plan, which currently covers about 380,000 members of Medicaid and PeachCare in Georgia.

clipboard

Also affected by the breach were 1,113 individuals covered by Peach State in Georgia’s health insurance exchange, and 15 Medicare members, the state insurance department said Wednesday.

The state Department of Community Health said Centene will notify all affected individuals and offer free credit and health care monitoring.

Last week, Centene announced it was hunting for six missing computer hard drives.

“While we don’t believe this information has been used inappropriately, out of abundance of caution and in transparency, we are disclosing an ongoing search for the hard drives,” Michael Neidorff, CEO of Centene, said in a statement Jan. 26.

Neidorff said the drives were being used in a data project that sought to use lab test results to improve members’ health outcomes.

Data breaches in health care are not uncommon in the United States.

Forbes magazine, citing the federal Department of Health and Human Services’ Office of Civil Rights, reported recently that there were 253 health care breaches in 2015 that affected 500 people or more, with a combined loss of more than 112 million records.

Stethoscope on a computer keyboard

The biggest health data breach last year involved Anthem, the parent of Blue Cross and Blue Shield of Georgia, which affected nearly 80 million people nationally. All Georgia members – nearly 3 million – were potentially affected by the hacking incident, Blue Cross said at the time.

But a Blue Cross spokeswoman said Tuesday that no Georgia members’ information was compromised from that breach.

Centene, which focuses on the Medicaid program’s managed care business, has more than 4.8 million members in 23 states.