The Utah Department of Health is in the process of notifying 6,000 Medicaid enrollees that their personal information, inluding names, ages and prescription information, was exposed by the error. The missing data does not include patient birth dates, Social Security numbers or financial information.
"We believe the potential risk for identity theft is minimal. Further, we have no reason to believe the data were targeted by anyone to be used for malicious purposes," said Utah Medicaid Director Michael Hales, in a statement.
The missing Medicaid data comes less than a year after a major breach of a Utah Department of Health server, which exposed hundreds of thousands of records containing Social Security numbers and other personally identifiable information. That breach, still under investigation, may result in fines for the state. According to a health department spokesperson, the state may seek restitution for this month's data leak from Goold.