- Jersey City Medical Center recently publicized a Medicaid patient data breach that resulted from United Parcel Service (UPS) failing to deliver an unencrypted CD with patient data on it.
The CD, which held an unknown number Medicaid patients’ names and some Social Security numbers from 2011, was supposed to arrive at Jersey City Medical Center on June 16 but never arrived. At this point, no one knows where the CD ended up. The center, which is part of Barnabas Health system, according to njbiz.com, will offer a year of free credit monitoring to affected patients.
“While UPS has no evidence that personal information has been made available to any unauthorized parties, or misused in any way, patients are being advised to be aware of any suspicious activity and to monitor their credit reports and financial accounts.”
Based on the center’s comments, it appears as though there was a breakdown in protocols to locate and find lost packages. Jersey City Medical Center added that it has since reviewed its incident prevention technology to avoid future instances of breaches, so the assumption is that will attempt to encrypt patient data going forward. “We have followed up extensively with UPS regarding this incident, attempting to ensure that UPS has followed all of its internal procedures designed to locate missing packages.”