Almost 14,000 Affected by SAMBA Privacy Breach

14,000 individuals are being alerted about a February 2018 breach of protected health information at the Special Agents Mutual Benefit Association (SAMBA).

The data breach affects eligible family members of plan members who were covered by the Federal Employees Health Benefits Plan during 2017.

It is an Internal Revenue Service (IRS) obligation for SAMBA to send a copy of Form 1095-B to all plan members every tax year. The form in question supports plan subscribers’ and covered family members’ compliance with the Affordable Care Act’s individual mandate.

The forms for the 2017 tax year were sent out on or soon after February 19, 2018; however, a programming mistake resulted in the forms being filled with information relating to other subscribers’ family members.

Rather than listing the subscribers’ family members covered by their health plan, the forms listed the names and Social Security numbers of other subscribers’ family members and the dates of health insurance coverage during 2017.  The forms were also dated 2016 in mistake.

SAMBA stated that no subscribers’ Social Security numbers were accessible. The privacy breach was limited to subscribers’ family members. A official inquiry into the error showed that the mailing mistake affected 13,942 people.

The error was first discovered on February 22, 2018, and a subsequent mailing was issued with the proper tax year and family members’ details on the forms. Notification correspondence have also been transmitted to family members impacted by the breach, and subscribers who were in receipt an incorrect copy of Form 1095-B have also been advised and instructed to destroy the 2016 version of the form in question.

There have been no reports to SAMBA to suggest the impermissibly disclosed data has been misused in any way; however, as a precautionary measure against identity theft, all those affected have been told to use utmost caution and obtain credit reports and review them and their Explanation of Benefits statements carefully for any sign of possible fraudulent activity.

 

Author: Security News

Immediate Access

Privacy Policy