Private medical data exposed in Georgia

Blue Cross and Blue Shield of Georgia, the state's largest health insurer, sent an estimated 202,000 benefits letters containing personal and health information to the wrong addresses in a privacy breach that also raised concerns about potential identity theft. The insurer said that the erroneous mailings were primarily Explanation of Benefits letters, which include the patient's name and ID number, the name of the medical provider delivering the service, and the amounts charged and owed. The security breach may be a violation of the federal Health Insurance Portability and Accountability Act of 1996.