Anthem alerts physicians to nationwide data breach
The August theft of a Blue Cross employee's laptop in Chicago could affect all of Maine's doctors.
By JOHN RICHARDSON, Staff Writer
October 31, 2009
Maine's largest health insurance company is notifying physicians around the state that their personal information, possibly including Social Security numbers, was compromised in a nationwide data breach.
Anthem Blue Cross and Blue Shield mailed letters to health care providers this week saying that their names, addresses, and medical provider and tax identification numbers were in a laptop computer that was stolen from an employee of the Blue Cross Blue Shield Association, a national insurance company affiliated with Anthem.
"We started getting some agitated calls today and I'm assuming that's because (physicians) just got the letter," Gordon Smith, executive vice president of the Maine Medical Association, said late Friday. "I think this is going to be of concern to members and their practices, and we'll hear from quite a few of them."
Smith said he believes that virtually all of Maine's 4,000 to 5,000 practicing physicians will be affected.
"Almost every doctor in America has a relationship with their Blue Cross plan, which in Maine happens to be Anthem," he said.
The laptop was stolen from a Blue Cross employee's car in August near the company's headquarters in Chicago. The employee had violated the company's data security policies by downloading the information onto the laptop, according to Anthem's letter.
Physicians in some other states, including Massachusetts, learned about the breach early this month. Blue Cross said then that it had taken time to figure out exactly what information was lost.
It's not clear why Maine physicians didn't learn about the breach sooner. Anthem spokesman Chris Dugan referred questions about the response to Blue Cross Blue Shield.
The breach could affect hundreds of thousands of physicians nationwide, Blue Cross Blue Shield has said.
No medical or patient information was compromised in the security breach, according to the letter. "On behalf of (Blue Cross Blue Shield Association), we are notifying you of this incident because your Social Security number may have been in this file," Anthem's letter says.
"The breach did not occur at the local level, at Anthem, (but) we're working closely with BCBSA to notify our doctors," said Dugan.
The national company is offering to pay for physicians to get credit reports for one year so they can monitor for any unauthorized activity, such as new credit cards or loans taken out in their names.
A Blue Cross Blue Shield representative could not be reached late Friday night.
There have been no reports of identity thefts related to the data breach, said Smith, of the medical association. He said he learned about the problem a couple of weeks ago and began alerting physicians in a newsletter.
Staff Writer John Richardson can be contacted at 791-6324 or at:
jrichardson@pressherald.com