4.9 million Tricare patients data exposed in data breach
About 4.9 million patients treated in San Antonio area military treatment facilities since 1992 have been affected by a health information breach involving the theft of backup tapes for electronic health records, federal officials say. Some of the information included Social Security numbers, addresses, phone numbers and private health information for patients in 10 states.
A statement posted on the Defense Department's Tricare health system website said no credit card or bank account information was on the backup tapes. "There is no indication that the data has been accessed by unauthorized persons," the SAIC spokesman says. SAIC is working with the local police department, Defense Criminal Investigative Services and a private investigator to attempt to recover the tapes, the spokesman adds. TRICARE "does not have a policy" on encryption of backup tapes, a TRICARE spokesman says.
SAIC did not issue a news release about the data breach on its website. One corner of the SAIC home page, though, said an "Incident Response Call Center" had been created for Tricare patients. The firm's brief statement did not use the word breach, instead describing it as a "reported loss of back-up computer tapes containing personally identifiable and protected health information" for Tricare patients.
A statement posted on the Defense Department's Tricare health system website said no credit card or bank account information was on the backup tapes. "There is no indication that the data has been accessed by unauthorized persons," the SAIC spokesman says. SAIC is working with the local police department, Defense Criminal Investigative Services and a private investigator to attempt to recover the tapes, the spokesman adds. TRICARE "does not have a policy" on encryption of backup tapes, a TRICARE spokesman says.
SAIC did not issue a news release about the data breach on its website. One corner of the SAIC home page, though, said an "Incident Response Call Center" had been created for Tricare patients. The firm's brief statement did not use the word breach, instead describing it as a "reported loss of back-up computer tapes containing personally identifiable and protected health information" for Tricare patients.
