A statement from ISMA:
The Indiana State Medical Association (ISMA) experienced the theft of two archive backup hard drives on Feb. 13, 2015. The equipment stored the ISMA group health and life insurance databases, which contained information on 39,090 insureds. This was a random criminal act that occurred while an ISMA employee was transporting the hard drives to an offsite storage location as part of the association’s disaster recovery plan. The theft was reported to the Indianapolis Metropolitan Police Department (IMPD), which is actively investigating.
The information on the stolen hard drives, which cannot be retrieved without special equipment and technical expertise, included identifying information such as name, address, date of birth, email address, health plan number, social security number and personal medical history information.
The ISMA sent notification letters to the individuals affected, which are current and former insureds of the ISMA insurance plans. Each individual notification letter explains the specific types of information involved, since not all records included social security numbers or medical history information. A copy of the letter sent to our insureds is included with this release.
The ISMA is offering one year of credit-monitoring and repair services to all persons affected at no cost to them. Those individuals can also call toll-free 888-774-3252 with any questions.
Although the ISMA’s insurance plans are through Anthem, this situation is separate from the recent cyber attack on Anthem. However, there is likely to be significant overlap between the two groups.
The ISMA has already engaged outside experts who are reviewing our internal processes to prevent future incidents. Additional information is posted at www.ismanet.org.
SOURCE: Indiana State Medical Association
In a separate statement to its members, ISMA writes:
An Important Message to our Valued Customers
The ISMA wants to inform you that we have experienced the theft of computer equipment. We are deeply sorry this incident occurred and apologize to our insured physicians, their families and staff, as well as our employees for the inconvenience this may cause.
This incident involves your personal information if you are or were a customer of the ISMA health or life insurance plans. Individual notification letters have been mailed to affected persons. The letters provide information about steps you can take to protect yourself if you were affected. The ISMA has contracted with ID Experts to offer you one year of credit monitoring and repair services at no cost to you. If you have questions or to enroll, call toll free 888-774-3252 (Mon-Fri 9am to 9pm EST) or go online at www.idexpertscorp.com/protect. To enroll, you will need the enrollment access code that is included in your personal notification letter. The call center and credit protection services enrollment will be available through Monday, June 8, 2015. We encourage anyone affected to take advantage of the free credit monitoring and repair services being offered and to call the toll free hotline with questions.
The ISMA takes this incident very seriously. The ISMA has already engaged outside experts who are evaluating our internal processes to prevent future incidents. We will continue to provide any additional details to law enforcement for their ongoing investigation. We sincerely apologize for any inconvenience this may cause you and we hope the following information can help answer some of your questions and concerns.
Click here to see the sample notification letter.
Click here for Frequently Asked Questions (FAQ’s) about the incident.