The Indiana Family and Social Services Administration had to notify 187,533 clients of the compromise of protected health information (PHI) after discovering a computer programming glitch.
The company discovered that an IT contractor made a computer programming error to a document management system. The mistake caused client documents to be copied and inserted in documents sent to other clients. The code was improperly programmed on April 6, 2013, and the error was discovered on May 10, 2013.
Information impacted by the error included patients names, addresses, dates of birth, contact information, benefits received, and financial data, among others. For some, Social Security Number was also released.
In accordance with the HIPAA Breach Notification rules, IFSSA will send a letter to all impacted individuals identifying the issue. It is reported that the technology company responsible for the breach will offer 90 days of free credit reporting, and not the 1 year typically provided in such circumstances.