[ Tuesday, August 18, 2015 ]
Colorado DHS Breach
Jeff [9:47 AM]
: The Colorado Benefit Management System, which coordinates Medicaid, food and welfare assistance for the state, suffered a second data breach
when letters were sent to the wrong addresses. It's not entirely clear if this is a HIPAA breach, but probably is. of the 3,000 or so affected individuals, some PHI was involved in about half of the disclosures. And since CBMS apparently provides services to Colorado's Medicaid program, it probably is an improper disclosure by a business associate of a covered entity. Ultimately, minimal information was disclosed, and to a limited loop of recipients, so it's probably a no harm, no foul situation. But it's another example of the need to be careful out there.
Blogger: HIPAA Blog - Edit your Template