About 1,100 members SummaCare affected in data breach
Canton Repository (OH)
Health insurance provider SummaCare is notifying about 1,100 of its members that their information may have been involved in a data security breach.
The Akron-based insurer, which is owned by Summa Health, said it recently investigated and addressed a data security incident involving about 2% of its 61,000 members.
The insurer said it does not believe there was any misuse of information but suggests affected members look at their statements and contact SummaCare if there are any treatments not received.
SummaCare said it became aware Feb. 8 of a misconfiguration in one of its computer systems, which allowed certain documents to be accessible via the internet between Nov. 19 and Feb. 7. The documents contained some members' names, health insurance ID numbers, patient account numbers, dates of service, provider names and limited treatment information
"SummaCare took prompt action to remove documents and reconfigured the settings on the involved computer system," the insurer said in a statement. "It also began a comprehensive investigation into the incident with the assistance of a third-party forensic firm."
SummaCare mailed letters to impacted plan members and set up a toll-free number for customers with questions.
If you believe you are affected but do not receive a letter by April 30, call 855-482-1575, Monday through Friday between 9 a.m. to 6:30 p.m.
"SummaCare deeply regrets any inconvenience or concern this incident may cause its members," the insurer said in its statement. "To help prevent something like this from happening again, SummaCare has enhanced its authentication protocols and is continuing to improve its existing technical safeguards to further protect its systems."