Health Net, an insurance company that covers around 6 million consumers from across the United States, has announced that it has lost track of servers that contained sensitive information about it’s customers. It is the kind of information that could easily be used to commit identity theft. This is not the first time that Health Net has had this particular problem, either.
Consumers trust their health insurance companies with a lot of very important information. We give them our full names, (including our middle name, or initial). We give them our social security number, phone number, and home address. Over time, we give them a ton of extremely specific details about our health, which is accumulated every time we submit a claim for medical care that we received. We expect our health insurance company to take the proper precautions to protect this sensitive information.
Part of the reason why we expect that our information will stay private is because it is very personal. Few people are comfortable sharing vivid details about their health with strangers. The only exception to this truth seems to be when people decide to blog about it, but that is a whole different topic. The biggest reason why we trust that a health insurance company will take good care of our information is because we have given them exactly what a thief would require in order to steal someone’s identity. So, what happened at Health Net? This is under investigation by both the California Department of Managed Health Care and the State Insurance Commissioner for California, Dave Jones. Health Net is based in California, but insures customers from all around the United States.
IBM manages the information technology system for Health Net. IBM recently informed Health Net that it could not find several hard drives. This news caused Health Net to begin it’s own investigation, which revealed that it could not locate nine hard drives. Those hard drives contained records on both customers, employees, and health care providers. Health Net has stated that the missing hard drives contain addresses, financial data, and Social Security numbers.
It has been estimated that around 845,000 customers, in California alone, are affected by the loss of these records. That high number could be what prompted the investigations. Health Net has informed the customers who were affected by the lost hard drives about the situation, and is offering them two years of free credit monitoring services. Those services will include fraud resolution, restoration of credit files, and identity theft insurance.
This isn’t the first time that Health Net has lost track of the private information of it’s consumers. In 2009, an unencrypted disc drive was stolen from the Health Net offices in Connecticut. That disc drive had sensitive information from around 1.5 million people on it.
Image by florisla on Flickr