SCAN Health Plan of California, SCAN Health Plan Arizona, and VillageHealth are in the process of notifying certain plan members and non-plan members of a breach of protected health information, including names, addresses, telephone numbers, dates of birth and in some cases, health notes, medications, doctor information and Social Security numbers.

The unauthorized access to the health plan information occurred between March and June of 2016, when SCAN’s sales contact sheets system was compromised. The compromise was discovered on June 27.

Question? Why do sales contact sheets include health information and Social Security numbers? This is another lesson of why it is so important to only ask for and give data that is essential to the purpose of the project. Do sales personnel really need access to individuals’ Social Security number and why would a person give a sales person their Social Security number in the first place?

[View source.]