Michael Booth reports:
The state Department of Health Care Policy and Financing has lost thousands of applicant names on a computer disk for the second time in a year, triggering a public notice under federal privacy rules.
HCPF officials said the names of 3,590 medical-aid applicants were on the lost disk, though the data did not include dates of birth, Social Security numbers or other personal information that could lead to identity-theft cases. Some of the lost information includes health data protected under the privacy rules of the Health Insurance Portability and Accountability Act.
The data did include the addresses and the state identification numbers for the applicants. The disk was lost on its way between two state agencies, the HCPF notice said, and was discovered May 6.
Read more on Denver Post.
A notice dated June 30 on the agency’s web site says:
The Department of Health Care Policy and Financing announced today that a computer disk containing applicant name, state identification number, and address has been lost in transit between two state agencies. The computer disk did not contain dates of birth, social security numbers, or other financial information that could be used for identity theft or fraud.
State officials discovered the loss on May 6, 2011.
The department has determined that some of the information on the computer disk is considered Protected Health Information and is protected under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Approximately 3,590 applicants’ information was lost and applicants will receive notification by mail as required by HIPAA.