An employee — former employee — of the South Carolina Department of Health and Human Services found out the hard way after transferring the information of more than 228,000 Medicaid beneficiaries to his personal email account. The data included Medicare numbers (which include Social Security numbers as part of the identifier) linked to the beneficiaries names. The Department’s response? “[T]he employee has been fired.” Not only was Christopher Lykes, Jr. fired, he has also been charged by the South Carolina Law Enforcement Division with 5 counts of criminal violation of confidentiality laws.
Compliance and privacy officers should feel free to print out the article from the Charleston Post and Courier or the Greenville News as a “teachable moment” to discourage everyone’s favorite secure email workaround.
Subscribe with RSS
