Oscar Health discloses data breach after mailing error

Oscar Health experienced a data breach it’s blaming on a printing vendor, the company disclosed Friday.

The health insurance company discovered on Nov. 23 that mail intended for some California policyholders may have been sent to the wrong customers. The letters include member names, provider information, dates of service, and types of procedures and services. Oscar Health didn’t name the vendor it says is responsible.

The paperwork doesn’t include Social Security numbers, driver’s license numbers or any financial information, according to a notice from Oscar Health.

Oscar Health determined the incident likely occurred between Oct. 28 and Nov. 16 and has “taken steps to address the matter with our print vendor,” the company reported.

Oscar Health did not respond to questions about what steps it has taken, the name of the vendor or how many members’ data were exposed.

“While we do not believe there has been a misuse of any personal information, we are notifying our affected members out of an abundance of caution,” the insurer’s notice says. “All mailings that may have been impacted by this incident have been re-sent accordingly. Additionally, we have sent individual notices to those members whose personal information was impacted by the event.”

At the time this article published, the incident had not been posted to the breach portal maintained by the Health and Human Services Department’s Office for Civil Rights. Under the Health Insurance Portability and Accountability Act, healthcare providers and insurers are required to disclose breaches affecting at least 500 people within 60 days of discovering them.

Oscar Health, founded in 2012, was one of four insurtechs to go public last year. The company had nearly 600,000 individual, family, Medicare Advantage and small-group plans policyholders as of September. The insurer also sells its technology platform to other payers and providers.

More healthcare data breaches occurred last year than any prior year on record, according to a review of data reported to the HHS portal. Through mid-December, HIPAA-covered entities reported 664 incidents, more than in all of 2020.



Source link

Leave a Reply

Blog article

What are CBG gummies good for?

Cannabigerol ( CBG ) gummies are a form of CBG available for consumption. They offer consumers CBG in an easy to use and edible format, for those who want the benefits CBG has without having to smoke it. Cannabigerol ( CBG ) Gummies as they’re known as, are a CBG product that is edible and […]

Read More
Blog article

Give Medicare direct contracting time to prove its value or expose its flaws

Healthcare experts have argued for years that we should move away from the dysfunctional, unsustainable fee-for-service Medicare reimbursement system and toward value-based models that incentivize better health outcomes such as reduced hospitalizations and post-acute care costs. Unfortunately, one of the federal Center for Medicare and Medicaid Innovation’s most promising value-based programs is facing a coordinated […]

Read More
Blog article

OSHA withdraws emergency enforcement of COVID vaccine mandate

The Occupational Safety and Health Administration is ceasing emergency enforcement of its COVID-19 mandate for large employers, but noted it’s not withdrawing it as a proposed rule. The withdrawal, which takes effect Jan. 26, follows the U.S. Supreme Court’s 6-3 decision on Jan. 13 to stop enforcement of the rule while appeals are pending at […]

Read More