[HEALTH.MIL] Risk to Patients from Data Breach Met with Proactive Response

  • From: HEALTH.MIL Mailing List
  • To: <HEALTH.MIL@xxxxxxxxxxxxx>, <TFL@xxxxxxxxxxxxx>
  • Date: Sat, 5 Nov 2011 01:29:57 -0500

Risk to Patients from Data Breach Met with Proactive Response


November 04, 2011




FALLS CHURCH, Va. - A loss of computer tapes by Science Applications
International Corporation (SAIC) may have placed TRICARE patient data at risk.
There is no evidence that any of the data has actually been accessed by a third
party, and analysis shows the chance any data was actually compromised is low,
but proactive measures are being taken to ensure that potentially affected
patients are kept informed and protected.

SAIC is a contractor for the TRICARE Management Activity.  On September 14, TMA
learned that an SAIC employee reported that on September 12 computer tapes
containing personally identifiable and protected health information (PII/PHI) of
4.9 million military clinic and hospital patients in Texas, or those patients
who had laboratory exams sent to the military hospitals in Texas, were stolen.
The data contained on the tapes may include names, Social Security numbers,
addresses and phone numbers, and some personal health data such as clinical
notes, laboratory tests and prescriptions. There is no financial data, such as
credit card or bank account information, on the backup tapes.

"We take this incident very seriously," said Brigadier General W. Bryan Gamble,
TMA deputy director. "The risk to our patients is low, but the Department of
Defense is taking steps to keep affected patients informed and protected."

TMA has directed SAIC to provide one year of credit monitoring and restoration
services to patients who express concern about their credit.  SAIC will also
conduct analysis of all available data to help TMA determine if identity theft
occurs due to the data breach.

"These measures exceed the industry standard to protect against the risk of
identity theft," Gamble said.  "We take very seriously our responsibility to
offer patients peace of mind that their credit and quality of life will be
unaffected by this breach."

The risk of harm is judged to be low despite the sensitive data involved.
Retrieving data from the tapes requires knowledge of and access to specific
hardware and software and knowledge of the system and data structure.  However,
as a standard practice individuals may protect their personal information by
taking the steps suggested by the Federal Trade Commission at

Concerned patients may contact the SAIC Incident Response Call Center, Monday
through Friday, 9 a.m. to 6 p.m. Eastern Time, at (855) 366-0140 (toll free) for
United States callers and (952) 556-8312 (collect) internationally.


NOTE:  Comments on the above article may be posted on the TRICARE Facebook page
at http://www.facebook.com/TRICARE?sk=wall




SOURCE:  TRICARE News Release at




Other related posts:

  • » [HEALTH.MIL] Risk to Patients from Data Breach Met with Proactive Response - HEALTH . MIL Mailing List