CMS Notifies Medicare Beneficiaries of Information Breach

fitandhealthy December 18, 2022

In keeping with a Dec. 14 press release, the Facilities for Medicare & Medicaid Providers (CMS) is responding to an information breach at Healthcare Administration Options, LLC (HMS), a subcontractor of ASRC Federal Information Options, LLC (ASRC Federal), that probably includes Medicare beneficiaries’ personally identifiable data (PII) and/or protected well being data (PHI).

The press launch says that “No CMS techniques have been breached and no Medicare claims knowledge have been concerned. Preliminary data signifies that HMS acted in violation of its obligations to CMS and that the incident involving HMS has the potential to influence as much as 254,000 Medicare beneficiaries’ personally identifiable data out of the over 64 million beneficiaries that CMS serves. This week, CMS is mailing beneficiaries which were doubtlessly impacted a letter from CMS notifying them instantly of the breach.”

The letter, which is posted in full within the press launch, states that “On October 8, 2022, Healthcare Administration Options (HMS), LLC, a CMS subcontractor, was topic to a ransomware assault on its company community. HMS handles CMS knowledge as a part of processing Medicare eligibility and entitlement data, along with premium funds. Preliminary data signifies that HMS acted in violation of its obligations to CMS, and CMS continues to examine the incident. No CMS techniques have been breached, and no Medicare claims knowledge have been concerned. On October 9, 2022, CMS was notified that the subcontractor’s techniques had been topic to a cybersecurity incident however CMS techniques weren’t concerned. As extra data grew to become accessible, on October 18, 2022, CMS decided with excessive confidence that the incident doubtlessly included personally identifiable data and guarded well being data for some Medicare enrollees. Since then, CMS has been working diligently with the contractor to find out what data and which people might have been impacted.”

The letter notes that private and Medicare data that might have been compromised consists of: title, deal with, date of beginning, telephone quantity, Social Safety Quantity, Medicare Beneficiary Identifier, banking data (together with routing and account numbers), and Medicare entitlement, enrollment, and premium data. The letter says that no claims knowledge have been concerned in this incident.

CMS says that when the incident was reported an investigation with the contractor and cybersecurity specialists started instantly. The investigation is ongoing.

“The providers supplied to CMS beneath the contract with ASRC Federal embody resolving system errors associated to Medicare beneficiary entitlement and premium fee data,” the press launch notes. “The contractors’ providers additionally help the gathering of Medicare premiums from the direct-paying beneficiary inhabitants. The contractor doesn’t deal with Medicare claims data.”

Tags: , , , , , ,

More Stories

Celebrating Neighborhood Well being Employees | HHS.gov

fitandhealthy September 21, 2023

BeiGene, Novartis Drug Alliance Ends; It is Their Second Terminated Deal This Yr

fitandhealthy September 20, 2023

Weight problems: A Holistic Strategy

fitandhealthy September 19, 2023

Latest Post

Non-invasive Transcranial Electrical Stimulation (TES) exhibits early promise to deal with ADHD signs in kids

fitandhealthy September 22, 2023

Mark Manson’s 3 Guidelines for Life

fitandhealthy September 22, 2023

As U.S. Syphilis Instances Rise, These on the Epicenter Scramble

fitandhealthy September 22, 2023

Exploring disfigurement and self-worth

fitandhealthy September 22, 2023

Integrating Knowledge and Implementation Science to Speed up HIV Prevention and Therapy (R21/R33 Medical Trial Not Allowed)

fitandhealthy September 21, 2023