The Indiana State Medical Association says a data hardware theft could put more than 39,000 customers' data in jeopardy. The organization says the information cannot be retrieved without “special equipment and technical expertise.” March 9, 2015
INDIANAPOLIS, Ind. – The Indiana State Medical Association (ISMA) experienced the theft of two archive backup hard drives on Feb. 13, 2015. The equipment stored the ISMA group health and life insurance databases, which contained information on 39,090 insureds. This was a random criminal act that occurred while an ISMA employee was transporting the hard drives to an offsite storage location as part of the association's disaster recovery plan. The theft was reported to the Indianapolis Metropolitan Police Department (IMPD), which is actively investigating.
The information on the stolen hard drives, which cannot be retrieved without special equipment and technical expertise, included identifying information such as name, address, date of birth, email address, health plan number, social security number and personal medical history information.
The ISMA sent notification letters to the individuals affected, which are current and former insureds of the ISMA insurance plans. Each individual notification letter explains the specific types of information involved, since not all records included social security numbers or medical history information.
The ISMA is offering one year of credit-monitoring and repair services to all persons affected at no cost to them. Those individuals can also call toll-free 888-774-3252 with any questions.
Although the ISMA's insurance plans are through Anthem, this situation is separate from the recent cyber attack on Anthem. However, there is likely to be significant overlap between the two groups.
The ISMA has already engaged outside experts who are reviewing our internal processes to prevent future incidents. Additional information is posted at www.ismanet.org.
Source: The Indiana State Medical Association