"We learned on December 7, 2010, that a former employee of SF-HSA removed documents with confidential client information from SF-HSA and took them home," according to the agency's patient notification letter. "The former employee also e-mailed some documents to her home computer between 2006 and 2009 and shared some documents with her attorneys and union representatives as part of a legal action. We have recovered all of the documents and ensured that all copies have been destroyed or returned to SF-HSA. We have also obtained a court order prohibiting any disclosure or unauthorized use of the information in the legal matter."
The agency issued a press release and started mailing notification letters on Feb. 4. The San Francisco Examiner reports the former employee was terminated because of performance issues and was considering legal action. She took the records to prove she was dealing with a disproportionately high caseload, according to the newspaper.
In addition to Social Security numbers, the agency says breached information included case account number, client identification number, age or date of birth, address, eligibility status, aid codes (type of Medi-Cal) and case status. The agency says the risk of identity theft is very low but is arranging for free credit-monitoring services for affected beneficiaries.
More information is available at sfhsa.org, then click on Public Notices and What is New.
--Joseph Goedert
Be the first to comment on this post using the section below.