We recently blogged about a security breach on a Utah state computer server that revealed the personal information of almost 1,000,000 Utah Medicaid recipients. Now comes word that in early April a state worker in South Carolina accessed confidential information on Medicaid patients,
The South Carolina state worker, Christopher Lykes Jr., was arrested and charged with numerous crimes surrounding his acquiring of confidential personal information for more than 225,000 Medicaid patients. Mr. Lykes collected this information and allegedly sent it to his own personal, unsecured e-mail account. The data stolen included personal names, addresses, birth dates, Medicare ID numbers, and Social Security numbers.
Mr. Lykes was a project manager for the South Carolina Department of Health and Human Services, and apparently sent the information to at least one other person. After learning of the security breach, South Carolina officials sent notification letters to Medicaid patients who may have had their information compromised.
This security breach, along with the previous breach in Utah, highlights the problem with giving personal information. Both of these breaches happen because either an employee acted intentionally or unintentionally, yet both employees had access to confidential information. There is nothing the South Carolina Medicaid patients could have done to stop this from taking place. Computer security experts warn that such breaches may become more common in the future as more data is collected and stored on government or private computers.