The personal financial information of 850,000 health care professionals was compromised when a laptop was stolen in late August from the
The insurer said it discovered Sept. 2 that a laptop had been stolen Aug. 25 in the Chicago area. It delayed notifying the affected people so that it could assign credit-monitoring codes to the providers, a spokeswoman for Anthem Blue Cross and Blue Shield of Connecticut, which licenses the Blue Cross name, told the Hartford Courant for a Tuesday article.
A Blue Cross spokesman told the Courant that the provider data was unencrypted and had been put on the laptop by an employee, in violation of the association's policy. The employee hoped to work over the weekend and put the information on a personal laptop; the laptop was left in a car overnight, and the car was then burglarized.
Connecticut's attorney general, Richard Blumenthal, said he was upset at the delay in the notification to the 19,000 Connecticut providers. "These health-care professionals were left uninformed and unprotected for two months," he told the paper.
Blumenthal noted that although state law does not mandate a deadline for disclosing a breach, it does allow for fines in some situations.
Blumenthal has already convinced Anthem to extend its free credit-monitoring offer to two years instead of one, the paper reported.
This story was reprinted with permission from
