25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Mississippi Division of Medicaid Announces Exposure of 5,220 Individuals’ PHI

Posted By on Jun 9, 2017

The Mississippi Division of Medicaid (DOM) has announced that 5,220 Medicaid recipients have had some of their protected health information (PHI) exposed via email as a result of an error with an online form service.

DOM discovered that the online form service was sending emails containing PHI to staff members, but those emails were not encrypted. The online service was used by staff members to create forms that were posted on its medicaid.ms.gov website. When a form was submitted via the website, emails containing the form information were sent to designated staff members.

Once the emails were received they were securely stored; however, it is possible that the information contained in the emails could have been intercepted in transit and could have been accessed by unauthorized individuals. DOM stopped using the online service once the error was discovered and all forms were removed from the website.

The service transmitted six different online forms. Those forms contained the following PHI elements: Names, addresses, phone numbers, dates of birth, email addresses, health insurer names, admission dates, enrollment dates, medical conditions, Medicare and/or Medicaid identification numbers and Social Security numbers. The online form service was used between May 2, 2014 and April 10, 2017.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

While PHI was exposed as a result of the error, DOM says there is no reason to believe that any PHI has actually been viewed or obtained by unauthorized individuals. Keith Robinson, DOM’s security officer, said, “It is highly unlikely that the data was compromised since the typical user would not know how to capture it during transmission.” He also explained that at the source and destination the information was secured.

In response to this incident, DOM will be strengthening its technological safeguards to prevent any future incidents of this nature from occurring. DOM’s policies and procedures relating to privacy and security will also be revised.

As required by HIPAA, all individuals affected by the incident have been notified by mail. No credit monitoring or identity theft protection services are being offered due to the low risk of data compromise, although impacted individuals have been advised to check their credit reports carefully.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist