• OSU Center for Health Sciences Announces Fourth Largest Health Care Breach of 2017
  • February 19, 2018
  • The Oklahoma State University Center for Health Sciences (OSU-CHS) just publicly announced a November 2017 data breach that resulted in potential unauthorized access to approximately 280,000 patients' Medicaid and health records. According to OSU-CHS, patient names, Medicaid numbers, healthcare provider names, dates of service and limited treatment information may have been included in the breach. OSU-CHS did point out that only a single social security number was potentially compromised. News reports indicate that the Center's forensic investigation could not confirm nor rule out whether the data breach perpetrator accessed patient information. Data breach notification letters were sent out this week to patients who may have been affected. Reports indicate that OSU-CHS has not advised the affected individuals whether they will be offered credit monitoring services or any other data breach remedies. This incident is the second major breach involving Medicaid data that has been publicly reported since January 1, 2018. Earlier this month, Florida's Agency for Healthcare Administration reported a data breach that impacted approximately 30,000 individuals as a result of a November 2017 phishing attack. This new publicly-acknowledged data breach once again serves as an example to all businesses and public entities, as well as their insurers, that any entity with personal health information, even if it does not include financial information or social security numbers, is at risk for a significant data breach -- and the accompanying costs and negative publicity that surround it.