Steve Keene reports:
The NCMS [North Carolina Medical Society] received information today that a significant security breach occurred involving the MedSolutions website. MedSolutions is the vendor for NC Medicaid that administers the high-tech diagnostic imaging pre-authorization program. For a period of time that has not been clearly defined the name, address, email, and taxpayer ID number (which in some cases is the physician’s Social Security number) for an undetermined number of NC physicians could be viewed on the MedSolutions website. Access to this information apparently was not limited to physicians or physician staff. Based on the information available at the time of this posting, any person with an email address could enter physician names and view the information. The NCMS is continuing to research the scope of the breach through MedSolutions and the NC Division of Medical Assistance. For now, all physicians who have identified themselves to MedSolutions should be aware that their personal information may have been accessible through the MedSolutions website. Appropriate steps should be taken to protect against fraudulent use of the information. NCMS is working aggressively to determine the scope of the breach and ensure that appropriate remedial steps have been taken.