We are sending this letter as part of KIPDA’s commitment to client privacy and want to make you aware of a possible privacy issue. We recently learned of a security incident that may have involved some personal health information we recently collected to perform services for you or for an individual in your care. KIPDA partners with community providers to support members of our community through the provision of individualized services such as caregiver services, in-home services, and Medicaid Waiver Program services. To perform these services, KIPDA must collect and maintain certain personal health information for the individuals we seek to serve. We want to let you know what happened involving the personal information in our possession, what steps we are taking in response, and how you can protect personal information about you or others in your care.
What Information Was Involved. The work papers in the stolen vehicle included completed Physician Recommendation forms for Medicaid Waiver services for Kentucky Medicaid program members. The personal information contained on these forms consisted of the following: The Medicaid member’s name, address, phone number, diagnosis or diagnoses, Medicaid Member ID number, a physician’s signature and the physician’s National Provider Number. The information did not include a birth date, social security number, or any financial account information.
We take the confidentiality of the personal information we collect very seriously and apologize for any inconvenience this incident might cause you. If you have any further questions, please contact me at joanna.weiss@kipda.org or call 1-502-714- 5111 (toll free), Monday through Friday from 8 am to 4 pm Eastern Time. Voicemail messages will be returned within two business days.
Sincerely,
JoAnna Weiss, MA
Quality Management Planner KIPDA Privacy and Security Officer
(Current as of January 19, 2023)
Equifax, PO Box 740241, Atlanta, GA 30374, www.equifax.com, 1-800-685-1111 (1-800-465-7166 in Canada)
Experian, PO Box 2104, Allen, TX 75013, www.experian.com, 1-888-397-3742
TransUnion, PO Box 2000, Chester, PA 19022, www.transunion.com, 1-800-888-4213 (1-877-525-3823 in Canada)
Free Credit Report. It is recommended that you watch for unauthorized activity by reviewing account statements and monitoring your credit report. You may obtain a copy of your credit report, free of charge, at least once every 12 months from each of the three nationwide credit reporting agencies. (During the pendency of the U.S. Health & Human Services Declaration of the COVID-19 Public Health Emergency, free, online credit reports are available at no charge from each credit reporting agencies.) To order your free credit report, visit www.annualcreditreport.com or call toll free at 1-877-322-8228. You can also order your free credit report by mailing a completed Annual Credit Report Request Form (available at https://www.annualcreditreport.com/manualRequestForm.action) to: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.
You can obtain additional information about fraud alerts and security freezes from the Federal Trade Commission (below) or the three credit reporting agencies (above).
Federal Trade Commission (FTC) and State Attorneys General Offices. If you believe you are the victim of identity theft or have reason to believe your personal information has been stolen or misused, you should immediately contact the FTC and/or the Attorney General’s office in your home state. You may also contact these agencies for information on how to prevent or avoid identity theft. You may contact the Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580, https://www.identitytheft.gov/, or phone 1-877-IDTHEFT (1-877- 438-4338).
Kentucky. Residents of Kentucky can report identity theft to the Attorney General of Kentucky by completing an online complaint form at ag.ky.com/scams or by calling the toll-free Identity Theft Hotline at 1-800-804-7556.
Tips and additional resources for protecting yourself from or responding to identity theft are available on the Kentucky Attorney General Identity Theft website at https://www.ag.ky.gov/Resources/Consumer- Resources/Consumers/Pages/Identity-Theft.aspx.
Indiana. The Attorney General of Indiana offers Indiana residents an ID theft victim kit. It includes steps for reporting the theft, resources for where to turn, and information for contacting the fraud department. A number of telephone numbers for different agencies and departments is also included in the kit. Access the kit at http://www.indianaconsumer.com/pdf/IDTheftVictimKit.pdf
Internal Revenue Service. IRS Form 14039, Identity Theft Affidavit, should be filed if the taxpayer attempts to file an electronic tax return and the IRS rejects it because a return bearing the taxpayer’s Social Security number already has been filed. This Affidavit should also be filed if the IRS instructs the taxpayer to do so. Additional information is available at https://www.irs.gov/newsroom/when-to-file-a-form-14039-identity-theft-affidavit. The IRS Identity Theft phone number is 1-800-908-4490. In addition, review the recommended actions for taxpayers who are victims of tax-related identity theft: https://www.irs.gov/individuals/data-breach- information-for-taxpayers.
State. Report tax related fraud to your state department of revenue or attorney general.
FTC. File a complaint with the FTC at www.identitytheft.gov.