- The Michigan Department of Community Health (MDCH) announced on April 3 that it had experienced a patient data breach on January 30 or 31 when an encrypted laptop and unencrypted flash drive were stolen from a State Long Term Care Ombudsman’s Office employee.
According to the MDCH release, after learning of the breach on February 3, MDCH notified the 2,595 affected patients. Both devices remain missing and the flash drive contained living and deceased individuals’ names and addresses, as well as Social Security numbers or Medicaid identification numbers for 1,539 patients. “MDCH takes any potential breach of security with the utmost seriousness and sincerely regrets that this breach occurred,” said Nick Lyon, Chief Deputy Director of the MDCH. “We are working swiftly to notify any individuals who may have been impacted and with staff to tighten our security procedures going forward.”
MDCH is working with the LTC Ombudsman’s Office to provide patients whose Social Security numbers or Medicaid numbers were compromised. The two organizations are also making efforts to prevent future occurrences.
The State LTC Ombudsman program is reviewing its data security processes to prevent any future data breaches, and the MDCH is conducting additional training on data security, in particular portable electronic devices, for the Ombudsman’s office and MDCH employees.