25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Louisiana Healthcare Connections Breach Affects 13K Medicaid Recipients

Posted By on Feb 5, 2016

Louisiana Healthcare Connections (LHCC) is notifying approximately 13,000 Medicaid recipients that some of their protected health information has been stolen by a former employee and disclosed to a third party. The data breach affects individuals who have enrolled in LHCC in the Acadiana Region of Louisiana.

LHCC became aware of the data breach on December 3, 2015, after being notified of a potential security breach by the Louisiana Attorney General’s Medicaid Fraud Control Unit. The fraud control unit was conducting an investigation into Medicaid fraud that involved data taken from LHCC.

LHCC was informed that an individual had fraudulently gained access to LHCC’s provider website and had downloaded a list of patients. The individual in question worked at a physician’s office, and had used the login credentials of another person to gain access to patient data and had downloaded a list of approximately 13,000 patients. That list was subsequently provided to another individual who was not authorized to view the data. The patient list was unlawfully downloaded on March 3, 2015.

The list included patient names, phone numbers, addresses, Medicaid ID numbers, Medicaid effective dates, and dates of birth of patients. Some of the patients on the list also had other information exposed, such as the number of times they had visited the emergency room and their current medical condition. No Social Security numbers, financial information, or credit card numbers were exposed.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

To protect patients from identity theft and fraud, all affected individuals will be offered credit monitoring and identity theft protection services without charge. The Louisiana attorney general’s office believes the data was taken with a view to defrauding Medicaid. An individual was arrested on Wednesday January 27, 2016., and faces charges of conspiracy to defraud Medicaid and stealing healthcare data.

In an effort to reduce the probability of similar data breaches of this nature occurring in the future, Louisiana Healthcare Connections will be reviewing its information security protocols and will take steps to ensure that patient data is better protected.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist