The San Francisco Human Services Agency notified about 2,400 Medi-Cal beneficiaries and the federal government about a breach of protected health information, including Social Security numbers.
“We learned on December 7, 2010, that a former employee of SF-HSA removed documents with confidential client information from SF-HSA and took them home,” according to the agency’s patient notification letter. “The former employee also e-mailed some documents to her home computer between 2006 and 2009 and shared some documents with her attorneys and union representatives as part of a legal action. We have recovered all of the documents and ensured that all copies have been destroyed or returned to SF-HSA. We have also obtained a court order prohibiting any disclosure or unauthorized use of the information in the legal matter.”
The agency issued a press release and started mailing notification letters on Feb. 4. The San Francisco Examiner reports the former employee was terminated because of performance issues and was considering legal action. She took the records to prove she was dealing with a disproportionately high caseload, according to the newspaper.
In addition to Social Security numbers, the agency says breached information included case account number, client identification number, age or date of birth, address, eligibility status, aid codes (type of Medi-Cal) and case status. The agency says the risk of identity theft is very low but is arranging for free credit-monitoring services for affected beneficiaries.
More information is available at sfhsa.org, then click on Public Notices and What is New.
* The information contained in this Blog is intended for general information and educational purposes only and does not constitute legal advice or an opinion of counsel.