CalOptima in California is investigating a data breach affecting about 56,000 members, in an incident caused by a former employee who downloaded protected health information onto a USB flash drive, the insurer reported.
CalOptima, which is Orange County's health insurance program for low-income children, adults, senior citizens and disabled residents, sent out an Oct. 14 notice to its members that said the incident occurred on or about August 17.
The departing CalOptima employee downloaded the protected health information of an estimated 7 percent of the health plan's 798,243 members onto an unencrypted USB flash drive. Shortly after, the departing employee returned the flash drive, CalOptima said.
"While we are still investigating the contents of the flash drive, we do not believe the information was shared," CalOptima said.
[Also: 8.8 million patient health records breached in August, report says]
The information on the flash drive may have included members' names and other demographic information, and other health plan-related information. Some members may have had their Social Security number included.
"We regret that this occurred and want to assure members that we are changing our procedures and practices to reduce the chance of it happening again," CalOptima said. "As a precaution, we are offering credit monitoring services to affected adult members at no cost for 12 months."
CalOptima did not name the former employee or give a motive. Officials also gave no indication of whether they have or would bring charges.
CalOptima is a $3.4 billion a year health plan, financed by federal and state taxpayers, according to the Voice of OC.
Twitter: @SusanJMorse