Californians, take note. If your health insurer is Health Net, watch your credit report. Somehow, Health Net cannot account for nine of its server drives which contains the personal information needed for identity theft. Almost 900,000 Health Net "subscribers" may be at risk.
It gets worse. Health Net failed to encrypt the data.
Now two state agencies are investigating what happened (or, in this case, what didn't happen). Beth Givens, director of Privacy Rights Clearinghouse, said Health Net didn't even go through the basic steps of security.
Of course, Health Net will now offer its "members" free credit monitoring and identity theft insurance. What does that cost? Last year I blogged that someone assigned a cost to each case of a security breach -- $204.00 per lost record. This is not actual money being spent, but if that is indeed an accurate number, Health Net's security breach is valued at $172,380,000 - thousands of times more than the salary someone with my expertise earns. Some of this cost is real. Depending on the outcome of the investigations, Health Net could face fines to the tune of millions of dollars. There's precedence for this. Hospitals in Massachusetts and Arizona were fined for HIPAA violations. The people who steal identities are not interested in your health, just your wealth.
http://www.kpbs.org/news/2011/mar/15/state-regulators-launch-investigations-health-net-/
