Care provider Health Net is back in hot water with Connecticut authorities and consumers following disclosure of a fresh data breach that threatens the privacy of nearly 25,000 residents. It is Health Net’s second data fiasco in two years.
Attorney General George Jepsen said Monday he is demanding  Health Net provide identity theft and credit protections to those residents because their medical and personal information may have been compromised in a nationwide data breach in early February.
The health care company has acknowledged that nine unaccounted server drives in its Rancho Cordova, Calif. operations, contained protected health information and personal information for 24,599 Connecticut residents, including 18,279 Medicare subscribers and 700 Medicaid subscribers and 5,620 commercial subscribers.
Jepsen says Health Net told him letters are going out, beginning Monday, to the Connecticut customers.
Last July, Connecticut settled for $250,000 from Health Net of the Northeast Inc., over a computer disk drive lost in May 2009 that contained protected health and other private information on more than 500,000 Connecticut citizens and 1.5 million consumers nationwide.
The missing disk drive contained names, addresses, Social Security numbers, protected health information and financial information.
The agreement, which also involved Health Net of Connecticut Inc., and parent companies UnitedHealth Group Inc. and Oxford Health Plans, resolved allegations that Health Net violated the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA).