On May 2nd, Molina Healthcare alerted 5,261 former members of Molina Healthcare of New Mexico of a data breach that took place around March 18, 2014. A postcard mailing about the Health Insurance Marketplace was sent to these former members that contained their address and possibly their social security number, which was inadvertently printed on the postcard, resulting in a PHI breach. The company found out about the mistake on March 24th.
According to a report from the Albuquerque Journal, Creel Printing, who was contracted with Molina to print the postcards, included tracking numbers on the cards that contained the social security numbers, but not the names, of the recipients. The report cites that Molina Healthcare was unaware of the misuse of the information and that the numbers were not identified as Social Security numbers when they were printed on the cards.
Molina Healthcare is a Fortune 500, multi-state health care organization that arranges for the delivery of health care services and offers health information management solutions to nearly five million individuals and families who receive their care through Medicaid, Medicare, and other government-funded programs in 15 states.
In a press release about the incident, Molina states that they “will be improving their processes and procedures…to make sure this does not happen again” and have instituted safeguards that ensure no future mailings expose protected health information (PHI). The also offered affected individuals free identity theft protection services for one year. Affected individuals have until July 31, 2014 to enroll.
