The previous breaches occurred because of security lapses at the Utah Department of Technology Services. The new breach, confirmed on Jan. 15, happened when a contractor’s employee lost a flash drive that contained beneficiary names, ages, recent prescription drug histories and Medication identification numbers.
The employee, who worked for Medicaid pharmacy transactions processor Goold Health Systems, was having trouble uploading data to a server, so she saved the data to the flash drive, then lost the stick in transit, Goold CEO Jim Clair told the Salt Lake Tribune. The employee has been terminated, although Clair said she was “a terrific employee who made a mistake.”
The Utah Department of Health is offering affected beneficiaries identity theft protection services and will monitor affected Medicaid identification numbers for suspicious activity, according to a public notice.