DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Blue Cross Blue Shield of Florida notifies almost 7,400 members that their EOBs were sent to wrong addresses

Posted on March 6, 2011 by Dissent

A press release issued by Blue Cross Blue Shield of Florida, seen on SacBee:

In late January 2011, Blue Cross and Blue Shield of Florida (BCBSF) discovered that, because of a system error, it had inadvertently mailed some member health information to incorrect addresses. BCBSF regrets that this error occurred. BCBSF fixed the issue the same day it was discovered and current addresses are now in place for all of these members. BCBSF has evaluated its systems and made the appropriate changes to prevent this error from reoccurring.

The company recently converted to a new source of customer mailing address information. This new system tracks both prior and current member mailing addresses. During the system conversion, a limited number of old customer mailing addresses were inadvertently identified as the current addresses. Fewer than 7,400 members (out of nearly 4 million members) were impacted when their information was mailed to a former mailing address during the three month period since the system conversion. The mail sent to the former addresses included explanation of benefit forms. No social security numbers, date of birth or other financial information were included on the information sent to the incorrect addresses.

BCBSF has taken the appropriate steps to rectify this situation and has contacted the affected members. Members who think they may have been affected by this incident and who have not received any notification from the company should call this dedicated customer service number: 1-877-526-1013.

[…]

Okay, BCBSFL is certainly not the first insurer to report a mailing gaffe, and I understand why they issued the press release as this is a reportable breach under HITECH. Somewhat surprisingly, though, I do not see any notice prominently linked from their home page. Although such notice is not required if other methods of notification are used, it’s becoming pretty common for entities to post the breach notice on their web site with a prominent link to it on the home page.

Blue Cross Blue Shield of Florida was recently mentioned in another breach involving improper disposal of records. In that breach, which involved less than 500 applicants, BCBSFL did not issue any press release. Indeed, they didn’t even respond to my inquiry about whether they were in possession of the applications or if the discarded applications were still in the hands of the individual who had found them in a dumpster. If anyone has any additional details on that one, please post them or email me.

[headline corrected to reflect mis-mailing to wrong addresses]

Related posts:

  • Yet another mailing error from Blue Cross Blue Shield of Florida?
  • Blue Cross Blue Shield Association to offer all members nationwide free identity theft protection service
  • Mailing error by Blue Cross Blue Shield of Florida misdirects almost 7400 Explanation of Benefits Notices
  • Blue Cross of Idaho Notice of Privacy Breach
Category: Health Data

Post navigation

← MetLife fined and ordered to provide credit monitoring to consumers after breach
Hard drive from Alaska Dept. of Education with 89,519 students’ information stolen →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.