HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Missouri Care Notifies Medicaid Recipients of Subcontractor Breach

A mailing error by a subcontractor of Missouri Care Inc., has resulted in the protected health information of 1,223 participants being impermissibly disclosed to other individuals. The MO HealthNet-managed care plan was informed of the breach by O’Neil Printing on July 20, 2017. The privacy breach has been attributed to a software programming error.

The error potentially resulted in the names, birth dates, MO HealthNet ID numbers and Missouri Care member ID numbers of Medicaid recipients being mailed to incorrect recipients. The Missouri Department of Social Services has confirmed that Social Security numbers, financial information and medical information were not involved.

O’Neil Printing identified the cause of the error and has since corrected its software to prevent further mis-mailings. The error only affected mailings on July 11 and July 13, 2017.

Missouri Care has been working closely with MO HealthNet to ensure affected individuals were notified promptly. Letters informing participants of the privacy breach were recently sent in the mail, well within the deadline of the HIPAA Breach Notification Rule.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

There is no reason to suggest any of the disclosed information has been misused in any way, although out of an abundance of caution, all affected individuals have been offered complimentary credit monitoring services for 12 months, the cost of which will be absorbed by Missouri Care. Further information on measures that can be taken to reduce the risk of identity theft and fraud have also been provided to the privacy breach victims, such as monitoring Explanation of Benefits statements for any sign of fraudulent activity.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.