Healthcare Compliance Training and Certification

HIPAA News

19,570 Missouri Care Members’ PHI Exposed in Mailing Error

by | Sep 6, 2018

A mailing mistake that was sent to Missouri Care subscribers reminding them to reserve well-child visits has resulted in the accidental disclosure of the personal data of approximately 20,000 children to other Missouri Care subscribers.

The personal information included in the letters was restricted to children’s names, ages, and the names of their supplier’s. Health information and other sensitive data was not accessed, so the possibility the information to be misused is minimal. However, as a precautionary measure, parents and legal guardians of impacted children have been warned to closely review their credit card bills and account statements for any unusuals activity and told not to reply to any email requests asking for further personal information. Free credit monitoring services have been offered to all people impacted by the breach.

WellCare Health Plans Inc., identified the error on July 25, 2018 and initiated an investigation to deduce how the error happened and the clients that were affected. The mailing had been broadcast to 19,570 individuals, although it is unclear how many of those letters were incorrectly labelled.

The personal information that was exposed is classified as protected health information under HIPAA, and as such, the exposure of the data requires notifications to be issued to all affected people. Since the incident involved over 500 people, a media notice about the breach was also an obligation and was sent to the Kansas City Star.

In the letter which was sent, WellCare Health Plans VP and chief security and privacy officer stated “Missouri Care is deeply committed to protecting our members’ privacy, and we apologize for any inconvenience this incident may have caused.”

WellCare Health Plans Inc., said policies and processes for mailings have been audited and updated to stop similar incidents from occurring going forward.

This is the second incorrect mailing incident to impact Missouri Care members in the past 12 months. A similar mis-mailing incident occurred in August 2017, which led to the accidental disclosure of the PHI of 1,223 plan subscribers. In that instance, the error was made by a subcontractor hired for the mailing.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

COMPREHENSIVE HIPAA TRAINING

Ryan Coyne

Ryan Coyne is a results-driven leader in the healthcare compliance industry, specializing in regulatory compliance, compliance training, and assisting healthcare organizations and business associates in achieving and maintaining compliance. With a deep knowledge of healthcare regulations and a keen understanding of the challenges faced by the industry, Ryan has developed a reputation as a trusted advisor and advocate for ethical and compliant practices in healthcare. Ryan has successfully advised and guided numerous healthcare organizations, business associates, and healthcare professionals on achieving and maintaining compliance with regulatory training requirements. Ryan's professional focus is using his in-depth expertise and leading a world class team of subject matter experts at ComplianceJunction in regulatory compliance to help organisations navigate the complex landscape of ensuring staff adhere to healthcare regulations. You can connect with Ryan via LinkedIn and follow on Twitter

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy