103,000 Doctor's Social Security Numbers Posted on Website by Accident

February 27, 2008

http://www.weau.com/news/headlines/16061387.html



NewsCenter 13 has learned local doctors may be at risk for identity theft.

The risk involves a national health insurance company and more than 100-thousand doctors in Wisconsin and ten other states.

The Vice President at Marshfield Clinic confirmed Wednesday afternoon that social security numbers for his doctors and thousands of others all over the midwest were posted on a website, accidently.

Dr. Doug Reding tells us the numbers were posted to a website by a company called Health Net Federal Services based in Rancho Cordova, California.

The company is a government contractor that deals with health insurance for military families and veterans.

Health Net Federal Services representatives told us Wednesday night the company notified 103-thousand doctors in eleven states that their personal information was openly posted on a company website.

The states involved include Wisconsin, Michigan, Illinois, Indiana, Ohio, Pennsylvania, Tennessee, Iowa, Missouri, Kentucky and West Virginia.

Director of Communications, Molly Tuttle, says the information was accidently posted to the website for about two months, and involved doctors who had filed a claim with the company between September of 2005, and September of 2006.

Tuttle says Health Net Federal Services is now paying for a year's worth of credit monitoring for the doctors involved, and is not aware of any circumstances where the personal information of any doctor has been obtained or used illegally.

Marshfield Clinic Vice President Doug Reding says the entire incident is disturbing.

"Anytime somebody maliciously gets access to personal information, including your social security number, you have concerns about how it might affect your credit rating, your credit card use, subscriptions to magazines, anything that somebody wants to pirate on behalf of your personal information can be at risk. So yeah, it's a concern not only for me personally, but also all providers in our system", Reding said.

Representatives with Health Net Federal Services gave us this statement tonight.

"Protecting the privacy of our providers. personal information is a critical priority at Health Net Federal Services. Unfortunately, in late December 2007, we were notified of potential vulnerability for us that provider data was accessible through our Web site that included social security numbers of a limited group of network and non-network providers.

Since that time, Health Net has sealed this data gap, notified the providers whose data was potentially accessible, and reported the incident to our customer. In an abundance of caution, Health Net hired outside IT security experts to test our security measures and found them sound.

Most importantly to these providers, Health Net has offered every provider a complementary one-year credit monitoring service through, Kroll, Inc. We take this matter seriously, and will continue to be vigilant in the constant pursuit of safeguarding our data.

We regret any alarm this may have caused the Marshfield Clinic and all others involved, and we want thank Marshfield Clinic for serving our country's military families in the Wisconsin area", the statement read.

Some doctors have complained in emails obtained by NewsCenter 13, that credit monitoring for a year isn't enough.

Marshfield Vice President Doctor Doug Reding told us the clinic may take that issue up with Health Net Federal Services in the future, to secure more long term protection for its doctors who are affected by the mistake.

The company told us tonight if any doctor experiences identity theft, the company contracted for the credit monitoring will also provide credit restoration services at no charge. That company is Kroll.


main page ATTRITION feedback