San Francisco-based Blue Shield of California is notifying 18,000 physicians and healthcare providers whose Social Security numbers were mistakenly made public, according to a ComputerWorld report.
The Social Security numbers were included in provider roster filings the payer is required to send to the state's Department of Managed Health Care. The provider rosters were available under the state's public records law, according to the report.
The compromised information includes Social Security numbers, names, business address and telephone numbers, medical groups and practice areas. The information was released at least 10 times due to public record requests, according to the report.
The people requesting the rosters included other insurance companies, the companies' attorneys and two members of the media, according to the report. Marta Green, a DMHC spokesperson, said they are asking the requestors to destroy the CDs containing the compromised information, according to the report.
More Articles on Data Breaches:
9 Key Findings From OCR's Latest HIPAA Compliance Report
Florida Law Expands Data Breach Notification Requirements
DCH Regional Medical Center Employee Allegedly Stole Data From Computers