The personal financial information of 850,000 health care professionals was compromised when a laptop was stolen in late August from the Blue Cross Blue Shield Association.

The insurer said it discovered Sept. 2 that a laptop had been stolen Aug. 25 in the Chicago area. It delayed notifying the affected people so that it could assign credit-monitoring codes to the providers, a spokeswoman for Anthem Blue Cross and Blue Shield of Connecticut, which licenses the Blue Cross name, told the Hartford Courant for a Tuesday article.

A Blue Cross spokesman told the Courant that the provider data was unencrypted and had been put on the laptop by an employee, in violation of the association's policy. The employee hoped to work over the weekend and put the information on a personal laptop; the laptop was left in a car overnight, and the car was then burglarized.

Connecticut's attorney general, Richard Blumenthal, said he was upset at the delay in the notification to the 19,000 Connecticut providers. "These health-care professionals were left uninformed and unprotected for two months," he told the paper.

Blumenthal noted that although state law does not mandate a deadline for disclosing a breach, it does allow for fines in some situations.

Blumenthal has already convinced Anthem to extend its free credit-monitoring offer to two years instead of one, the paper reported.

This article can also be found at AmericanBanker.com.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access