On Sept. 14, Science Applications International Corporation (SAIC) reported a data breach involving personally identifiable and protected health information impacting an estimated 4.9 million military clinic and hospital patients. The information was contained on backup tapes from an electronic health-care record used in the military health system to capture patient data from 1992 through Sept. 7, and may include Social Security numbers, addresses and phone numbers, and some personal health data such as clinical notes, laboratory tests and prescriptions. There is no financial data, such as credit card or bank account information, on the backup tapes.
The risk of harm to patients is judged to be low despite the data elements involved, since retrieving the data on the tapes would require knowledge of and access to specific hardware and software and knowledge of the system and data structure. The incident is being investigated and additional information will be published as soon as it is available. Meanwhile, both SAIC and TRICARE Management Activity are reviewing current data protection security policies and procedures to prevent similar breaches in the future.
Anyone who suspects that they were impacted by this incident is urged to take steps to protect their personal information and should be guided by the Federal Trade Commission here.
Concerned patients may contact the SAIC Incident Response Call Center Monday through Friday from 9 a.m. to 6 p.m. Eastern Time at (855) 366-0140 (United States) or by calling collect at (952) 556-8312 (international).
For more information about the breach, click here.