Indiana Medicaid data breach may affect an “undisclosed” number of patients
data breach

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Indiana Medicaid data breach may affect an “undisclosed” number of patients

Medicaid was started in the U.S to help families and individuals who struggle to pay for medical care. The social healthcare program is run by the government and provides financially limited people with free health insurance.

As we know, organisations like this are just as vulnerable as others to data breaches, data leaks, and cyber hacks.

In this instance, patient data was reportedly accidentally made live through a hyperlink (internet web link). The hyperlink was publicly accessible, meaning anyone who clicked on it could see the medical information contained on it.

The leaked data included:

Patient names Medicaid identification numbers
Patient contact telephone numbers Names of healthcare providers
Addresses of healthcare providers Procedure codes
Dates of service Payment amounts from Medicaid to healthcare providers

Extent of the breach

Administrators of the organisation looked into the incident and confirmed that no financial data, patient address or social security details were compromised. They also believe that no information was stolen; but this may do very little to reassure patients. Public access to the information listed above can have some very concerning consequences.

Procedure codes can allow the public to see what medical treatment patients have had. Whilst this may not sound like valuable information, an affected patient could (subjectively) take a very different view. As the service is provided for people with limited resources, they may not always appreciate this information being made public.

The organisation and its associated bodies have said they have “no reason to believe this information has been or will be used inappropriately.” If only the world worked that way…

Medical data breaches continue to rise

In recent years, medical and health data breaches have continued to take the top spot as the sector with the most breaches. Whilst is can be understood that a large number of these breaches may have been caused by administrative errors, cyber criminals are also increasingly targeting hospitals and other healthcare institutions.

Medical records can be very valuable on the so-called “dark web” where information can be exploited in several ways. Information could be sold to fraudsters for identity theft purposes, or fraudsters could specifically target victims and pose as legitimate companies.

With medical records, some patients have an understandable desire to keep their medical ailments confidential. Cyber criminals can target these patients or the data holders and blackmail them by extorting money with the threat of sending private and sensitive information to others unless they pay the demand. This is often known as “ransomware”.

Patients notified

Patients have been notified of the breach and the potential risk they may be at as a result of the publicised information. DXC technology, who are entrusted with the organisation’s IT services, made a statement in response to the incident:

“While DXC Technology has no reason to believe this information has been or will be used inappropriately, DXC has taken steps to offer one year of credit-protection service to impacted individuals at no cost.”

A notification email and an offer of free cyber security protection for a year may not be enough to cover the risks the patients have potentially been subjected to. Data protection victims can have a right to seek financial compensation to help deal with the consequences of a data breach. Whilst no amount of money may “undo” the breach and make it like it never happened,  it can go a long way in recognising the harm the patient has suffered psychologically and cover any financial losses incurred.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon