Unauthorized Data Sharing Puts Kansas Agency on the Defensive

Approximately 11,000 personal records were exposed when an employee with the Kansas Department of Aging and Disability Services shared the records with state business partners.

by Jonathan Shorman, The Wichita Eagle / March 5, 2018
Shutterstock

(TNS) — A Kansas agency sent the health-related information and Social Security numbers of about 11,000 people to its business partners when it shouldn’t have, the agency disclosed Thursday.

The Kansas Department for Aging and Disability Services said an employee sent an unauthorized e-mail with the information that the agency became aware of on Feb. 23.

The agency said contracts and agreements prevent the personal information from being further disseminated and that KDADS has no evidence that the information has been misused or disclosed publicly.

The information included names, addresses, dates of birth, gender, and information about participation in in-home services and Medicaid identification numbers, in addition to Social Security numbers.

KDADS e-mailed all of the individuals on the recipient list, advised them of the situation and asked them to delete or destroy the e-mail and its attachment in their inbox, all folders where it may have been save, their trash folders and from any other electronic system such as cloud-based storage, said agency spokeswoman Angela de Rocha. In addition they were asked to shred any printed copies, she said.

Consumers whose information was passed along will receive a letter explaining the situation, KDADS said.

De Rocha said KDADS has reported the incident to federal regulators.

“KDADS apologizes sincerely to the consumers affected for any distress or inconvenience this may cause. KDADS is undertaking an immediate review of policies and procedures relevant to preventing a similar situation from occurring,” the agency said in a statement.

©2018 The Wichita Eagle (Wichita, Kan.) Distributed by Tribune Content Agency, LLC.