© 2021
In touch with the world ... at home on the High Plains
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations

Kansas Aging Agency Shared Personal Information Of 11,000 People

A state employee has been fired after sending an email to contractors that shared personal information of 11,000 Kansans.
flickr
A state employee has been fired after sending an email to contractors that shared personal information of 11,000 Kansans.

Officials with the Kansas Department for Aging and Disability Services said Thursday that a staff member improperly disclosed personal information for 11,000 people in an email sent to multiple addresses.

Angela de Rocha, a KDADS spokeswoman, said the disclosure includes Social Security numbers, birth dates and other personal details of Medicaid recipients and potential recipients of the health care program.

Such personal details, particularly the combination of a Social Security number with a date of birth, can be all a criminal might need for identity theft.

The agency said it had no indication that the information has been misused or spread further. KDADS learned of the disclosure last month.

Gov. Jeff Colyer said that his administration is investigating the breach and that the worker was fired.

“I’m upset about it. I think that employee needed to be terminated. They were,” Colyer said. “We are going to be watching this. I want to make sure this does not happen again.”

The information was improperly emailed to local contractors with the state’s 11 area agencies on aging.

“KDADS emailed all of the individuals on the recipient list, advised them of the situation and asked them to delete or destroy the email,” de Rocha said. “In addition, they were asked to shred any printed copies.”

The state is contacting affected individuals to inform them about the data breach.

De Rocha said it would not have been a violation to send the personal information about a specific individual to the local organization assisting that person. The problem in this case, she said, was sharing the personal information of thousands of individuals with multiple organizations.

In a statement, the agency said “KDADS apologizes sincerely to the consumers affected for any distress or inconvenience this may cause. KDADS is undertaking an immediate review of policies and procedures relevant to preventing a similar situation from occurring.”

Democratic Rep. Jeff Pittman referenced the data breach during debate on the House floor Thursday. He said state agencies vary widely in security and that some aren’t doing enough to protect the personal data of Kansans.

“When that data gets out, their identity gets stolen,” Pittman said. “We are not doing a good job in terms of keeping our data secure.”

KDADS said people concerned about the breach can put a freeze or fraud alert on their credit report from the three major reporting bureaus: Equifax, Experian and TransUnion.

--Stephen Koranda is Statehouse reporter for Kansas Public Radio, a partner in the Kansas News Service. Follow him on Twitter @KPRKoranda.

Copyright 2018 KMUW | NPR for Wichita

The Associated Press is one of the largest and most trusted sources of independent newsgathering, supplying a steady stream of news to its members, international subscribers and commercial customers. AP is neither privately owned nor government-funded; instead, it's a not-for-profit news cooperative owned by its American newspaper and broadcast members.
Stephen Koranda
Stephen Koranda is Statehouse reporter for Kansas Public Radio and the Kansas News Service, a collaboration of KCUR, KMUW, Kansas Public Radio and High Plains Radio covering health, education and politics.