The San Francisco Human Services Agency has notified approximately 2,400 MediCal beneficiaries and the federal government about a breach of protected health information, including Social Security numbers.

"We learned on December 7, 2010, that a former employee of SF-HSA removed documents with confidential client information from SF-HSA and took them home," according to the agency's patient notification letter. "The former employee also e-mailed some documents to her home computer between 2006 and 2009 and shared some documents with her attorneys and union representatives as part of a legal action. We have recovered all of the documents and ensured that all copies have been destroyed or returned to SF-HSA. We have also obtained a court order prohibiting any disclosure or unauthorized use of the information in the legal matter."

The agency issued a press release and started mailing notification letters on Feb. 4. The San Francisco Examiner reports the former employee was terminated because of performance issues and was considering legal action. She took the records to prove she was dealing with a disproportionately high caseload, according to the newspaper.

In addition to Social Security numbers, the agency says breached information included case account number, client identification number, age or date of birth, address, eligibility status, aid codes (type of Medi-Cal) and case status. The agency says the risk of identity theft is very low but is arranging for free credit-monitoring services for affected beneficiaries.

More information is available at, then click on Public Notices and What is New.

--Joseph Goedert


Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access