Protected health information on more than 7,600 Independent Health members was accidentally emailed to a member in March, a breach that violates federal privacy laws.
The Amherst-based health plan told members that an employee inadvertently emailed documents containing their information on March 19 to an unauthorized recipient who happened to be an Independent Health member.
Within an hour of the receiving the email, the recipient notified Independent Health and confirmed to the plan the email had been deleted, said Frank Sava, spokesman for the company.
The email attachment included member names, Independent Health ID numbers, name of provider seen, dates of service, claim numbers, claim payment information and medical procedure codes. But Sava said the company believes the risk of identity theft is low, as the email did not include Social Security numbers, personal financial data or diagnosis codes.
You can read the full entire story on the Buffalo Business First website.