The Wisconsin Department of Health Services (DHS) today announced that on August 8, 2022, as part of a cybersecurity incident investigation, DHS was notified that a presentation emailed to the DHS Children’s Long-Term Support Council in April 2021 contained protected health information. This presentation was forwarded to employees working for county government agencies in Rock and other Wisconsin counties and posted to the DHS website as part of the meeting minutes. Information that was potentially exposed includes the first and last name, date of birth, gender, county location, Wisconsin Medicaid member ID number, and social security number of affected members of Wisconsin Medicaid.
After discovering what happened on August 8, 2022, DHS immediately removed the meeting minutes from the website and replaced them with a PDF version, which removed access to the protected health information. Additionally, DHS took steps to confirm that individuals who received the minutes via email deleted the files. DHS will continue to investigate and work to prevent such incidents from occurring in the future.
On October 7, 2022, notifications were mailed to 12,358 Wisconsin Medicaid members whose information may have been accessed by unauthorized individuals. These members have been offered free credit monitoring for one year as well as given access to a dedicated call center to answer questions they might have.
Members who received a notification letter or have questions about this incident can call 833-875-0804 from 8 a.m. to 8 p.m. CT Monday through Friday.
Source: Wisconsin DHS