Yet another Blue Cross Blue Shield breach in the news this week, although it’s not clear yet whether any PII or PHI are involved (see update below). Joe Legge reports:
Monday, Blue Cross Blue Shield workers noticed something missing here at their Eastgate offices.
Dozens of computer hard drives weren’t where they were supposed to be. 68 drives to be exact.Authorities say a burglar alarm went off Friday… but Blue Cross didn’t report the possible theft until making a visual inspection days later. Sgt. Jerri Weary with the Chattanooga Police Department says “they could have been taken anytime during the weekend.”
[…]
A Blue Cross spokesperson says she doesn’t know if the missing drives contain private patient information.
Read more on WDEF news.
Cross-posted from PHIprivacy.net
Update: Today’s TimeFreePress reports:
The hard drives contained some encoded data, including voice recordings of eligibility and coordination-of-benefit calls used for training purposes, said spokeswoman Mary Thompson in a statement.
“The retrieval of member data from these drives would require highly-specialized expertise and software,” according to the statement. “Therefore, at the present time, we have no reason to believe that member data has been accessed.”
Should the company discover members’ personal information has been compromised, employees will notify members as soon as possible, Ms. Thompson said. A team is working to determine what personal information, if any, has been accessed.