|October 15, 2009|
Statement on Hard Drive Theft (Update)
BlueCross BlueShield of Tennessee is committed to maintaining high levels of security for all our members and we acknowledge that the recent theft of 57 hard drives has caused concern. We apologize and want our members and groups to know that we will continue to work to address all concerns, as well as provide information and assistance to ensure we are meeting our customers’ needs. |
BlueCross has undertaken the following measures:
· We have an internal team of IT experts working diligently to assess the information contained on the hard drives using our system backup tapes. Those efforts are being assisted by Kroll Ontrack®, a leading national provider of data recovery and security solutions.
· We continue to work with local and federal authorities on the criminal investigation.
· We have reviewed and reinforced physical security measures at all company-owned and leased properties by adding additional video camera surveillance, reviewing our biometric and key card access readers, and increasing our security personnel presence.
· We are complying with all applicable state and federal laws, including the the HITECH Act of 2009.
· We will be retaining an independent third party firm to perform a security assessment so we can further strengthen our existing security.
Our current focus is identifying the clients who potentially have members whose information could be contained on the stolen hard drives. We expect it will take several weeks to identify affected clients, as the process requires the need to listen to each recorded phone call.
Once identified, the clients will be notified via priority mail that they have had members whose personal information is contained in the stolen records and therefore at risk.
Next steps will involve an exhaustive process of identifying the specifically impacted members. These members will receive notice of the information that was contained on the stolen hard drives. We anticipate that this process may take up to 60 days for a full assessment of the information.
BlueCross clients and members who may have additional questions or concerns may contact the BlueCross Privacy Office Hotlines at 1-888-422-2786 or 1-888-455-3824 or send an email to Privacy_Office@bcbst.com.
BlueCross BlueShield of Tennessee does not make unsolicited phone calls asking for personal information such as bank account or drivers license information.
BlueCross BlueShield of Tennessee's mission is to provide its customers and communities with peace of mind through affordable solutions for health and healing, life and living. Founded in 1945, the Chattanooga-based company is focused on reinventing the health plan for its 3 million members in Tennessee and across the country. Through its integrated health management approach, BlueCross provides patient-centric products and services that drive health improvement and positively impact health care quality and value. BlueCross BlueShield of Tennessee Inc. is an independent licensee of the BlueCross BlueShield Association. For more information, visit the company's website at www.bcbst.com.
Return to Press Releases