Lost records again…
For a second time in 5 months, Wellpoint has lost privileged and confidential personal information of some of its members. According to the New York Times article "Medical Data on Empire Blue Cross Members May Be Lost," Wellpoint begun notifying 75,000 of its members by mail on Saturday that a CD holding their medical and personal information (including names and social security numbers) has been lost. Unfortunately, all the information on the CD was unencrypted.
What is even more unfortunate and disturbing is that Wellpoint has begun notifying its members this past Saturday (March 10) yet, the company was notified of this breach in privacy on Feb. 9th. Why the delay? Ostensibly to perform a preliminary investigation to identify the members whose information may have been on the disc.
This also raises the questions -- who exactly has access to our information? How safe is it?
The CD was lost as it was being transported to Magellan Behavioral Services, a subcontractor of Wellpoint which "specializes in monitoring and coordinating mental health and substance abuse treatments for insurance companies." As a result, a Magellan spokesperson said the company has adopted "a procedure to transmit this information electronically through a secure network, eliminating the CD and using a delivery service."
Consider this… opponents of Google creating a "health URL" believe their records will not be secure and that it can be easily hacked. Yet, is it more secure to have the records stored on a physical computer hard drive or transported via CD because of the "danger" of sending files electronically? Apparently, Magellan now believes it is safer to transport the files electronically.
Also, opponents have concerns over Google having this information. Yet, do you know exactly who has seen your records? If fill out your information at a doctor's office, or at a bank, or when filling out an application for a credit card—do you really believe it is just the one or two people reviewing your application/form who sees your information? Unfortunately, no. As in the case of Wellpoint, many companies you give your information to may need to share that information to their subcontractors in order to provide you with the services you need. This is not bad in and of itself, but you must understand there are many more people than you think who have access to your information.
Therefore, why not have your information on Google Health's "Health URL"? At least you are the one who controls the information you put in and who has access to it. In addition, isn't Google the only portal who hasn't had a security breach or lost/accidentally released any member information?
What is even more unfortunate and disturbing is that Wellpoint has begun notifying its members this past Saturday (March 10) yet, the company was notified of this breach in privacy on Feb. 9th. Why the delay? Ostensibly to perform a preliminary investigation to identify the members whose information may have been on the disc.
This also raises the questions -- who exactly has access to our information? How safe is it?
The CD was lost as it was being transported to Magellan Behavioral Services, a subcontractor of Wellpoint which "specializes in monitoring and coordinating mental health and substance abuse treatments for insurance companies." As a result, a Magellan spokesperson said the company has adopted "a procedure to transmit this information electronically through a secure network, eliminating the CD and using a delivery service."
Consider this… opponents of Google creating a "health URL" believe their records will not be secure and that it can be easily hacked. Yet, is it more secure to have the records stored on a physical computer hard drive or transported via CD because of the "danger" of sending files electronically? Apparently, Magellan now believes it is safer to transport the files electronically.
Also, opponents have concerns over Google having this information. Yet, do you know exactly who has seen your records? If fill out your information at a doctor's office, or at a bank, or when filling out an application for a credit card—do you really believe it is just the one or two people reviewing your application/form who sees your information? Unfortunately, no. As in the case of Wellpoint, many companies you give your information to may need to share that information to their subcontractors in order to provide you with the services you need. This is not bad in and of itself, but you must understand there are many more people than you think who have access to your information.
Therefore, why not have your information on Google Health's "Health URL"? At least you are the one who controls the information you put in and who has access to it. In addition, isn't Google the only portal who hasn't had a security breach or lost/accidentally released any member information?
Labels: GoogleHealth, Health URL, Magellan, wellpoint
posted by CareTALKGals(tm) at 3/14/2007 11:56:00 PM
0 Comments:
Post a Comment
<< Home