A Kansas agency sent the health-related information and Social Security numbers of about 11,000 people to its business partners when it shouldn’t have, the agency disclosed Thursday.
The Kansas Department for Aging and Disability Services said an employee sent an unauthorized e-mail with the information that the agency became aware of on Feb. 23.
Gov. Jeff Colyer said Thursday the worker has been fired.
“I’m upset about it. I think that employee needed to be terminated. They were,” Colyer said.
The agency said contracts and agreements prevent the personal information from being further disseminated and that KDADS has no evidence that the information has been misused or disclosed publicly.
The information included names, addresses, dates of birth, gender, and information about participation in in-home services and Medicaid identification numbers, in addition to Social Security numbers.
Rep. Jeff Pittman, D-Leavenworth, said on the House floor that the data had been sent on Feb. 15.
KDADS e-mailed all of the individuals on the recipient list, advised them of the situation and asked them to delete or destroy the e-mail and its attachment in their inbox, all folders where it may have been saved, their trash folders and from any other electronic system such as cloud-based storage, said agency spokeswoman Angela de Rocha. In addition they were asked to shred any printed copies.
Consumers whose information was passed along will receive a letter explaining the situation, KDADS said.
De Rocha said KDADS has reported the incident to federal regulators.
“KDADS apologizes sincerely to the consumers affected for any distress or inconvenience this may cause. KDADS is undertaking an immediate review of policies and procedures relevant to preventing a similar situation from occurring,” the agency said in a statement.