280,000 medical records on misplaced flash drive

Misplacing keys or a cell phone is a common human error. But sometimes that small lapse in memory can have huge consequences.

A security breach of patient medical records involves hundreds of thousands of people who have Medicaid insurance in Pennsylvania. From WHYY’s health and science desk Kerry Grens reports those patients have lots of company.

A computer drive containing health information about 280,000 patients slipped out of sight from the health insurer in charge of it — AmeriHealth Mercy. The company says it has no evidence that the data have been accessed. Seven social security numbers and 801 partial social security numbers are stored in the files.

Tena Friery, the research director at Privacy Rights Clearinghouse, says about 14 million people have been affected by medical records breaches since 2005.

Friery: Having medical information or any information in electronic format leads to additional opportunities for information to be lost, stolen, compromised.

In this case, AmeriHealth says someone in possession of a flash drive simply misplaced it. Donna Burtanger is the vice president of marketing and communications for AmeriHealth.

Burtanger: It was actually lost in our Philadelphia corporate offices. We’ve conducted a thorough investigation and have no reason to believe it’s nothing other than it’s misplaced.

The company is still in the process of notifying affected members.