CareFirst Data Breach (2013)

PHIPrivacy.net reminded us that many of the mistakes made in data breaches involve human error, as there have been three separate instances of CareFirst, a healthcare insurer, making patient mailing mistakes. In all three cases, CareFirst reported the incident to the Office for the Attorney General (OAG). The first instance occurred when a CareFirst associate mistakenly mailed a patients receipt that included their Social Security number to the wrong patient. Though the unintended recipient returned the receipt to CareFirst and the company doesnt believe that the information has been misused, it offered the affected patient a year of free credit monitoring.