CA Investigating Latest Health Net Data Breach
Health Net says that it provides health benefits to approximately 6 million people in the U.S. through health plans and government-sponsored managed care plans in group, individual, Medicare Part D, Medicaid, Department of Defense and TRICARE and Veterans Affairs programs. Its behavioral health services subsidiary, Managed Health Network, Inc., provides behavioral health, substance abuse and employee assistance programs to approximately 5.4 million individuals.
Health Net also includes this statement: "To help protect the personal information of affected individuals, Health Net is offering them two years of free credit monitoring services, including fraud resolution and, if necessary, restoration of credit files, as well as identity theft insurance. These services will be provided through the Debix Identity Protection Network."
The files reportedly went missing from Health Net's data center in Rancho Cordova, near Sacramento.
This is the second time in less than a year that the large national health plan had a major breach of personal health information.
In January of this year, Health Net paid for the third time over its loss of a portable disk drive that exposed PHI of 1.5 million people. Vermont's state attorney general fined the insurer $55,000; the case included 525 Vermonters.
Health Net discovered the drive was missing May 14 but did not start notifying affected parties until more than six month later, the state AG's office reported.
Vermont Attorney General William Sorrell's January 14 complaint against Health Net, Inc., and Health Net of the Northeast, Inc. charges the insurer with violations of HIPAA, Vermont's Security Breach Notice Act, and the Consumer Fraud Act.
Regarding the same breach, Health Net not only settled with the Connecticut state attorney general's office for $250,000, but also with the Connecticut Insurance Commission. That state AG's office reached a settlement with Health Net in which the insurer had to pay the state $375,000 in penalties for failing to safeguard the personal information of its members from misuse by third parties.
Additional reporting provided by HCPro's Dom Nicastro.
Cheryl Clark is senior quality editor and California correspondent for HealthLeaders Media. She is a member of the Association of Health Care Journalists.
- MU Compliance Announcement Sparks Concern, Confusion
- New G-Codes to Pay Doctors for Broad Array of Non-Face-to-Face Care
- Scary Financial Challenges for 2014
- MGMA Urges 'End-to-End' ICD-10 Testing
- 1 in 5 CT Screenings for Lung Cancer Results in Overdiagnosis
- Telehealth Improves Patient Care in ICUs
- CMS Sets 2014 Pay Rates for Hospital Outpatient and Physician Services
- LifePoint Bolsters Presence in Michigan's Upper Peninsula
- States Rejecting Medicaid Expansion Forgo Billions in Federal Funds
- Douglas Hawthorne—A Chance to Do Something Big