D’Ann Lawrence White reports:
A second employee has been arrested in connection with the theft of laptop computers from WellCare at 8724 Henderson Road in Town n’ Country.
The Hillsborough County Sheriff’s Office arrested Phillip Jovan Hill, 30, after he was accused of taking part in the theft of computer equipment from the health insurance provider.
Read more on Patch.
So he and another employee allegedly stole a lot (more than one dozen devices or drives) of hardware from WellCare. Surprisingly, the reporting doesn’t mention anything about whether there was any patient data on the hardware that was stolen and pawned. DataBreaches.net sent two email inquiries to WellCare’s media team this week asking whether there was any PHI on any of the stolen devices or drives. In response to the second email, this is the sum total of the response they sent:
WellCare takes the privacy and security of our members very seriously. We are currently working with law enforcement to fully investigate this matter.
So this site replied:
That’s not an answer, unfortunately, to a very simple question. Or are you telling me that WellCare doesn’t KNOW whether PHI was on any of the devices?
DataBreaches.net received no response to that email, which was sent three hours ago.
Does WellCare know whether there was any PII or PHI on those devices or doesn’t it know? This sounds like it has the potential to be a very problematic breach.