CMS Notifying Potentially Involved Beneficiaries and Providing Information on Free Credit Monitoring
The Centers for Medicare & Medicaid Services (CMS) is responding to a data breach at Healthcare Management Solutions, LLC (HMS), a subcontractor of ASRC Federal Data Solutions, LLC (ASRC Federal), that may involve Medicare beneficiaries’ personally identifiable information (PII) and/or protected health information (PHI). No CMS systems were breached and no Medicare claims data were involved. Initial information indicates that HMS acted in violation of its obligations to CMS and that the incident involving HMS has the potential to impact up to 254,000 Medicare beneficiaries’ personally identifiable information out of the over 64 million beneficiaries that CMS serves. This week, CMS is mailing beneficiaries that have been potentially impacted a letter from CMS notifying them directly of the breach. A copy of that letter can be found below. Go HERE for more details.