Pennsylvania firing vendor that mishandled virus data
Pennsylvania is firing a company that performed COVID-19 contact tracing and exposed the private medical information of tens of thousands of residents, state officials said.
A close-up of the Moderna COVID-19 vaccine. (Office of Gov. Tom Wolf)
Pennsylvania is firing a company that performed COVID-19 contact tracing and exposed the private medical information of tens of thousands of residents, state officials said Thursday.
Employees of Insight Global used unauthorized Google accounts — readily viewable online — to store names, phone numbers, email addresses, COVID-19 exposure status, sexual orientations and other information about residents who had been reached for contact tracing. The company’s contract with the state required it safeguard people’s data.
The Department of Health said last month that at least 72,000 people were impacted. The state had planned to drop Insight Global once its contract expires at the end of the July, but the Health Department said Thursday it will terminate the contract early, on June 19.
The department said in a message to House Republicans that it was taking action “after more fully evaluating the circumstances” of the security lapse.
Related Content
Will I need to get a COVID-19 booster shot?
While pharmaceutical companies making COVID-19 vaccines say it’s likely you’ll need a booster, scientists say it’s too soon to tell. Here’s what we do know so far.
3 years ago
Listen 2:12Insight Global is required to notify impacted people, and the Health Department told the GOP those notifications would begin next week. The department said the state’s contact tracing operation would continue with a new vendor.
“We are working to make sure that there is not a break in continuity in our contact tracing services as we transition out of the Insight Global contract and into our next contract” Acting Health Secretary Alison Beam said at a news briefing Thursday.
State Rep. Jason Ortitay, R-Allegheny, who has accused the Wolf administration of being slow to act on the breach, said in a statement Thursday that he is pleased the state is severing ties with the Atlanta-based company, but said he is still seeking answers about the incident.
“This deserves a full investigation so we can learn what happened and how to prevent it from happening again moving forward,” he said.
The state has paid Insight Global tens of millions of dollars since last summer to administer the state’s contact tracing program. Contact tracers identify people who have been exposed to the coronavirus so they can quarantine.
Insight Global has acknowledged it mishandled sensitive data and apologized. The company has said it became aware on April 21 that employees had set up the unauthorized Google accounts for sharing information. Insight Global said it took steps to secure the information and that it was unaware of “the misuse of the information involved.”
Get daily updates from WHYY News!
WHYY is your source for fact-based, in-depth journalism and information. As a nonprofit organization, we rely on financial support from readers like you. Please give today.
Part of the series
Part of the series
COVID-19 Vaccines
The latest news and updates about the COVID-19 vaccine rollouts in our region.
New Jersey ‘failed’ to have an adequate response to COVID-19 pandemic, report finds
The report found that the state was not prepared to manage the crisis with limited resources, which was aggravated by the global supply chain breakdown.
1 month ago
Listen 1:08
As they prepare to dole out newly updated booster shots, local health workers are trying to incorporate lessons learned from three years’ worth of vaccine campaigns.
7 months ago
Listen 4:03
CDC panel recommends updated COVID vaccines. Shots could be ready this week
The agency’s director is expected to sign off on the panel’s recommendation and the vaccines could be available this week.
8 months ago