After health insurer
Health Net was asked by Insurance Commissioner Dave Jones to forward the findings of its own investigation on the breach to his department. Jones has also advised Health Net policyholders impacted by the loss of the drives to contact the California Department of Insurance.
The company says it was informed of the missing drives by IBM, the vendor that handles the insurance company’s information technology infrastructure. IBM could not be reached for comment.
In a statement, Health Net said the missing drives contained "personal information of some former and current Health Net members, employees, and healthcare providers, [which] may include names, addresses, health information, Social Security numbers, and/or financial information."
But according to the California Department of Managed Care, the drives include personal information of 1.9 million former and current enrollees nationwide. The drives also include information of employees and health care providers.
The state insurance department’s independent follow-up investigation is designed to determine whether the health insurer did everything possible to avoid and remedy the security breach. The other regulator’s investigation would also look into the insurer’s security practices.
Health Net is offering affected individuals two years of free credit monitoring services, the restoration of credit files and identify theft insurance, according to reports.
