Kentucky Medicaid clients' information might have been breached

mmeehan1@herald-leader.comDecember 28, 2012 

A computer security breach may have resulted in the release of information on 1,090 Kentucky Medicaid clients, including some Social Security numbers.

The Cabinet for Health and Family Services announced Friday that the clients will be receiving letters explaining the breach.

According to the cabinet, an employee of Carewise Health, a Hewlett-Packard Enterprise Services subcontractor that manages Medicaid's information management system, responded to a telephone computer scam in mid-November. That resulted in unauthorized remote access of the computer system.

There is no evidence that the confidential contents were accessed, but the hacker did have access to the employee's laptop for a brief period. The database that could have been accessed contained health and other information, including Social Security numbers for about half of the 1,090 people impacted.

Hewlett-Packard Enterprise Services is arranging for those affected to receive free credit monitoring for a year to detect identity theft.

The cabinet is required to notify clients individually of any potential breach involving more than 500 by the federal Health Insurance Portability and Accountability Act, more commonly known as HIPAA.

Individuals who believe their information might have been involved or who need additional information should contact Hewlett-Packard Enterprise Services at 1-877-298-6108 (select option 1). The phone number will be active for 90 days.

Mary Meehan: (859) 231-3261. Twitter: @bgmoms. Blog:

Lexington Herald-Leader is pleased to provide this opportunity to share information, experiences and observations about what's in the news. Some of the comments may be reprinted elsewhere in the site or in the newspaper. We encourage lively, open debate on the issues of the day, and ask that you refrain from profanity, hate speech, personal comments and remarks that are off point. Thank you for taking the time to offer your thoughts.

Commenting FAQs | Terms of Service