ARKANSAS, USA — The Department of Human Services (DHS) discovered a breach of Medicaid client information and is working to notify the affected clients.
On September 16, 2022, the DHS was made aware that an employee sent emails from her DHS email to her personal Yahoo account with client information attached.
The attachments included Excel spreadsheets used to notify the Department of Health of how many Medicaid clients had been diagnosed with the flu.
The documents included the clients' Medicaid Recipient ID, date of birth, gender, county, zip code, and a flu diagnosis of 925 individuals.
However, the information did not include names, social security numbers, financial details, or the clients’ full addresses.
The only health information disclosed was the flu diagnosis.
Although the information was limited, DHS takes their clients' privacy very seriously and will be notifying the affected clients by mail.
After discovering the incident, the DHS took extra steps and precautions to prevent similar situations from happening in the future.
Every year, all DHS employees are required to complete HIPAA training to learn the policies and procedures used to protect the privacy and security of their clients' information.
If any DHS clients have questions or concerns, they can contact the DHS Privacy Office by email at DHSPrivacyOfficer@dhs.arkansas.gov or by toll-free phone at 1-855-283-0835.