New York City-based health insurer EmblemHealth agreed to pay New Jersey $100,000 to resolve allegations it disclosed the personal information, including Social Security numbers, of more than 6,000 residents, according to the New Jersey Division of Consumer Affairs.
Attorney General Gurbir S. Grewal said that under the terms of the settlement, EmblemHealth must implement significant compliance reforms aimed at safeguarding the confidential information of its policyholders. EmblemHealth's subsidiary Group Health is included in the settlement.
The agreement follows New Jersey's investigation into an alleged October 2016 privacy breach involving EmblemHealth. At the time, EmblemHealth improperly displayed the Medicare Health Insurance Claim Numbers of its members in mailings, the Division of Consumer Affairs alleged. Medicare HICN numbers mirror Social Security numbers, but are being replaced with a randomly-assigned 11-character Medicare beneficiary identifier composed of numbers and uppercase letters.
The breach allegedly affected 81,000 policyholders, with 6,443 of them residing in New Jersey.
More articles on payers:
CMS' final rule on risk adjustment payments: 3 things to know
BCBS of Wyoming customers overcharged due to banking error
ACA plan enrollment falls 11%: 3 things to know