Utah
Medicaid letters sent to wrong addresses; Utah health department reports data breach
Estimated read time: 2-3
minutes
SALT LAKE CITY — The Utah Department of Health and Human Services will be sending a personalized notification to 5,800 Medicaid recipients after benefit information may have been sent to the wrong addresses.
After a system coding error, State Mail and Distribution Services discovered on May 8 that some letters were stuffed in envelopes addressed to incorrect households, according to Kolbi Young, Department of Health and Human Services’ public information officer.
To best confront the issue, the department narrowed down which envelopes and letters may have been incorrectly addressed and discovered that 5,800 of the 530,000 Medicaid recipients statewide might have been affected — less than 1% of all Medicaid members in Utah.
Those affected will get a notification detailing the issues, information about any personal data included in the letter, actions they can take to secure their accounts, and contact information for other questions and concerns, according to a press release from the health department.
Out of the 5,800 people who may have been affected, Medicaid Health Insurance claim numbers for about 200 were on the letter, which for some, may have been a social security number, Young said.
Other information, such as the individuals’ addresses, first and last names and dates of birth were also included in the letter.
“We don’t believe that there is any anything malicious that would be done with that information,” Young said. “We are just recommending that they monitor their health care accounts to see if there’s any unusual activity — and that we are, for those less than 200 individuals, offering credit monitoring service.”
She said that while the error covered fewer than 1% of Utah’s Medicaid members, the health department will still submit the data breach report to the Office for Civil Rights within the U.S. Department of Health and Human Services, as the personal information data breach exceeded 500 people and thus falls under federal reporting requirements.
To prevent future errors, Young noted that Utah’s Department of Health and Human Services has fixed the coding system errors and will increase mail testings prior to sending out any letters.
“We are committed to protecting our members’ privacy, so we are doing all we can to not only notify them but ensure that this doesn’t happen again,” Young said.