A publicly accessible database powering CMS’ Medicare Advantage provider directory exposed Social Security numbers of healthcare providers, The Washington Post reported April 30.
The Post downloaded the database and found dozens of provider Social Security numbers. The database had been accessible for multiple weeks, at least.
A CMS spokesperson told Becker’s “the issue stems from incorrect entries of provider or provider-representative-supplied information in the wrong places.” CMS did not reply to Becker’s questions regarding how many providers had exposed Social Security numbers and how long the information had been available.
The Post flagged the issue to health officials on April 28. CMS said it promptly addressed the issue and is reinforcing safeguards.
Last year, the publication identified errors in the directory, such as duplicative addresses and contradictory information regarding providers’ network status. In November, two Democratic lawmakers sent a letter to CMS Administrator Mehmet Oz, MD, questioning the directory’s “rushed launch.”
The initial Medicare directory was the first phase of a broader push for a national provider directory, which is scheduled to beta-launch in full later this year.
No comments:
Post a Comment