OSU Center for Health Sciences data breach may compromise Medicaid patients' information

Posted at 4:49 PM, Jan 09, 2018
and last updated 2018-01-09 18:15:48-05

A Tulsa family is frustrated after learning personal information may have been compromised after an unauthorized user accessed a network at Oklahoma State University Center for Health Sciences. 

The family said they have never been a patient at any OSU medical facility. 

Letters in the mail arrived in the mail on Monday, addressed to four members of the family.

“I got it, and then three of my kids got it,” the mother said.

Each one reads the same. 

“If you look at it, it says that it was Nov. 7.”

The letter was sent as a notification that patient information may have been compromised. This comes after a folder on the OSU-CHS computer network, storing Medicaid patient billing information, had been accessed by an “unauthorized third party.”

“I just want to know what information was accessed,” the mother said. “Are my kids going to be affected by this? Who do I need to talk to? What information needs to be protected? What's out there?"

The privacy and security of this family, who wishes to remain anonymous, is a big concern, but even more worrisome for the family is the fact they’ve never used OSU for any medical services.

“I’ve never been to any OSU facility anywhere in the entire state of Oklahoma, but they still have all my information to say mine was stolen,” the mother said.

The family all uses Medicaid, but according to expert sources, “There is no scenario in which Medicaid information would be shared beyond hospitals, clinics, or health systems the patient visited."

“I know when you go sign on the dotted lines, when you go get medical care, you agree that nobody can access your medical records without your permission,” she said. “So if I never gave OSU permission to access my medical records, I don't understand how they are viewing them."

Many questions still linger and 2 Works for You made several attempts to contact the center for health, but our calls went unanswered.

“I called them and they were like ‘you're on the list who's information was breached,’ so I have to assume that me and my kids are now compromised."

The mother also said OSU-CHS recognized her family members were not patients, but said her information was compromised regardless.

OSU-CHS did state on the letter that the folder did not contain any social security numbers or medical records, but did contain name, Medicaid number, healthcare provider name, dates of service and limited treatment information.

The health center did apologize for the inconvenience and is implementing measures to enhance security of patient information.

Those who may have received these letters are told to watch for discrepancies in billing statements and to notify Medicaid. 

For questions, you may call 1-844-551-1727.

Stay in touch with us anytime, anywhere.

Download our free app for Apple and Android and Kindle devices.

Sign up for newsletters emailed to your inbox. Select from these options: Breaking News, Severe Weather, School Closings, Daily Headlines and Daily Forecasts.

Follow us on Twitter

Like us on Facebook