An internet hyperlink to an Indiana Health Coverage Program report containing Medicaid patient information was potentially accessible for nearly four months, according to the program's Medicaid fiscal agent DXC Technology.
DXC Technology discovered the potential exposure May 10. Patient names, Medicaid ID numbers, healthcare provider information, patient numbers, procedure codes, dates of service and payment amounts — all information the IHCP used for administrative functions — were accessible between February 2017 and May 2017.
DXC Technology did not specify how many individuals the exposure impacted, however, the company said it has taken steps to mitigate the situation and notify all affected individuals. Although DXC Technology does not believe any information has been or will be misused, the company is offering one year of free credit-protection services to affected individuals.
DXC Technology told Becker's Hospital Review there is no additional information beyond its online notice at this time.
More articles on health IT:
Greenway Health EHR certified under latest ONC health IT criteria
UA medical school stages hack to raise physician cybersecurity awareness