SUNRISE, Fla., Aug. 20, 2021 /PRNewswire/ — South Florida Community Care Plan (“CCP”) in Sunrise, Florida announced today that it has taken action after becoming aware of unauthorized disclosure of certain member information. CCP is providing notice of this event to potentially impacted individuals, as well as certain regulators.
What Happened? On June 21, 2021, while reviewing a former employee’s email account, CCP discovered that the employee sent emails containing CCP internal documents to the employee’s personal email address in violation of company policy. Upon discovery, CCP launched an immediate investigation of the activity in order to determine the documents that were sent to the employee’s personal email address, as well as the information contained within the emails. CCP’s investigation has uncovered no evidence the employee was acting outside the scope of their employment in working with this information. On June 21, 2021, CCP determined the documents sent by the former employee, the individuals included in those documents, and the type of information related to each person.
What Information Was Involved? While the information varied depending on the individual, CCP’s investigation determined that the impacted information could have included the person’s name, address, date of birth, Member Identification Number, Primary Care Physician, diagnosis, procedure billing code, approved services, and/or procedure type.
What They Are Doing. The security of plan member information within CCP’s care is among its highest priorities. Upon learning of this incident, CCP took steps to ensure the safety and security of all information held on its systems and secure its email accounts. CCP took specific steps to ensure the former employee’s email and login access were revoked at the time employment ended; conducted a full audit of the former employee’s actions taken in its systems; recovered all company-issued equipment; and further audited the employee’s actions while employed at CCP to ensure no other non-sanctioned activities occurred. CCP also provided relevant regulatory notices, including notice to the Department of Health and Human Services. CCP is offering complimentary credit monitoring to those individuals who are impacted by the event.
What Potentially Affected Individuals Can Do. CCP encourages impacted individuals to remain vigilant against incidents of identity theft and fraud. CCP also encourages impacted individuals to monitor free credit reports for suspicious activity and to detect errors over the next 12 to 24 months.
SOURCE South Florida Community Care Network DBA Community Care Plan / Mullen Coughlin LLC
Seen on PRNewswire.