A Blue Cross and Blue Shield Association employee broke protocol by transferring the names, addresses, Social Security numbers and provider identification numbers of about 800,000 doctors to his personal laptop.
Unfortunately, his computer was stolen from his car this past August but, as of yet, there haven’t been any signs of identity theft.
The affected physicians have been informed and, thankfully, no patient information was included in the database.
A representative for the health insurance company was quoted in the Chicago Tribune as saying: "At this point, we have no evidence that the data was misused. We think this was a random criminal act. Regardless, we take these kinds of breaches extremely seriously and so we are alerting all doctors in the database."
In an attempt to offset any negative consequences associated with the theft of the laptop, the Blue Cross association is offering crediting monitoring services to the individuals whose Social Security information was exposed.
It goes without saying that this is really a worst-case scenario, since so many could be affected by this breach and the laptop hasn’t been recovered. This is an unfortunate example of how the mistakes of a single person could after thousands of people.
In a situation like this, using a program like Computrace would be helpful since sensitive data can be deleted remotely and the Theft Recovery Team will work with local police to try to find the stolen laptop - and the thief who stole it. And once the they have the laptop back, Computrace can be used to help determine if files were accessed post-theft. While it would still be important to be vigilant for signs of identity theft, the risk would be considerably lower.