Global Navigation
Office of The Attorney General
The State of New Jersey Office of The Attorney General (Dept. of Law & Public Safety) The State of New Jersey NJ Home Services A to Z Departments/Agencies OAG Frequently Asked Questions
Services A to Z Departments/Agencies OAG Frequently Asked Questions
OAG Home
OAG Contact
spacer
Back to News Releases
OAG Home Attorney General's Biography
Attorney General's Biography
spacer spacer spacer
   
 
spacer spacer spacer
spacer spacer spacer
For Immediate Release: For Further Information:
December 10, 2018

Office of The Attorney General
- Gurbir S. Grewal, Attorney General
Division of Consumer Affairs
- Paul R. Rodríguez, Acting Director
Division of Law
- Michelle Miller, Director
Media Inquiries-
Lisa Coryell
609-292-4791
spacer
Citizen Inquiries-
609-984-5828
spacer
spacer spacer spacer
spacer
New Jersey Division of Consumer Affairs Announces Settlement with EmblemHealth Over Sensitive Personal Information Breach
spacer
spacer spacer spacer
spacer
spacer
spacer spacer spacer
spacer

TRENTON – Attorney General Gurbir S. Grewal and the Division of Consumer Affairs announced today that health insurance provider EmblemHealth, Inc. has agreed to pay the State a $100,000 civil penalty to resolve allegations it improperly disclosed the highly confidential personal information of more than 6,000 New Jersey customers.

Under terms of the settlement, EmblemHealth, one of the nation’s largest non-profit health insurance plans, also must implement a variety of significant internal compliance reforms designed to better safeguard the personal information of its policy holders. EmblemHealth’s subsidiary, Group Health Incorporated, is also a party to the settlement. Both companies are headquartered in New York.

The agreement announced today resolves the State’s investigation into an October 2016 breach incident in which EmblemHealth improperly displayed the Medicare Health Insurance Claim Numbers (HICN), which mirror individual Social Security numbers, belonging to more than 81,000 policy holders, 6,443 of whom reside in New Jersey.

“Health insurers entrusted with their customers’ sensitive personal information have a duty to avoid improper disclosures,” said Attorney General Grewal. “EmblemHealth fell short of its obligations to its customers in this case, and I am pleased that our settlement includes measures designed to prevent similar breaches at this company in the future.”

“Consumers need to know that when companies ask for or require highly sensitive personal information – such as their Social Security numbers -- the information will be stored securely and utilized discretely,” said Paul R. Rodríguez, Acting Director of the Division of Consumer Affairs. “This settlement should serve as a reminder that we are committed to safeguarding consumer privacy, and will hold accountable any businesses that are careless in the handling of such personal data.” 

The incident at issue took place on October 3, 2016 when EmblemHealth’s vendor sent a paper copy of EmblemHealth’s Medicare Part D Prescription Drug Plan’s Evidence of Coverage to 81,122 of its customers, including 6,443 who live in New Jersey.

The label affixed to the mailing improperly included each customer’s HICN, which incorporates the nine digits of the customer’s Social Security number, as well as an alphabetic or alphanumeric beneficiary identification code. (The number shown was identified as the “Package ID#” on the mailing label and did not include any separation between the digits.)

During its investigation, the Division found that following the departure of the EmblemHealth employee who typically prepared the Evidence of Coverage mailings, the task was assigned to a team manager of EmblemHealth’s Medicare Products Group, who received minimal training specific to the task and worked unsupervised. Before forwarding the data file to the print vendor, this team manager failed to remove the patient HICNs from the electronic data file.

The Division’s investigation resulted in allegations that EmblemHealth violated the New Jersey Identity Theft Prevention Act, the New Jersey Consumer Fraud Act and the Health Insurance Portability and Accountability Act (HIPAA).

Among other settlement terms, EmblemHealth has agreed to no longer use HICNs that include Social Security numbers and/or Medicare Beneficiary Identifiers to identify customers in mailing files. Instead, the company will convert to a system that employs unique identifiers to identify its customers.

EmblemHealth also has agreed to require the formal transfer of an outgoing employee’s responsibilities to another qualified employee or third party, and that the transition process will include necessary training. Further, the company has agreed to engage a training vendor and implement new privacy and security training modules for employees upon hiring, and on an annual basis after that.

In addition, EmblemHealth has agreed to notify not only its customers but, for the next three years, the Division of Consumer Affairs when any breach of security affecting the personal information of New Jersey customers takes place.

Investigator Walter R. Kaminski of the Office of Consumer Protection within the Division of Consumer Affairs conducted this investigation.

Deputy Attorney General Lara J. Fogel, along with former Deputy Attorney General Michelle T. Weiner of the Government & Healthcare Fraud Section within the Division of Law, represented the State in this matter.

Follow the New Jersey Attorney General’s Office online at Twitter, Facebook, Instagram, Flicker & YouTube. The social media links provided are for reference only. The New Jersey Attorney General’s Office does not endorse any non-governmental websites, companies or applications.

spacer
spacer spacer spacer
spacer
 
News Index Page I top
 
Executive Assistant Attorney General
Attorney General's Message Ask the Attorney General
Contact OAG About OAG
OAG News OAG Frequently Asked Questions
OAG Library Employment
OAG Grants Proposed Rules
OAG History OAG Services A-Z
Statutes
OAG Agencies / Programs / Units
Other News Pages Otras Noticias en Español Division of NJ State Police Division of Law News Governor's Office News Division of Highway Traffic Safety News Office of the Insurance Fraud Prosecutor Juvenile Justice Commission News Division on Civil Rights News Division of Consumer Affairs News Division of Criminal Justice News Election Law Enforcement Commission Division of Gaming Enforcement News
NJ State Police News Governor's Office News Division of Highway Traffic Safety News Office of the Insurance Fraud Prosecutor Juvenile Justice Commission News Division on Civil Rights News Division of Consumer Affairs News Division of Criminal Justice News Election Law Enforcement Commission Division of Elections News Division of Gaming Enforcement News Office of Government Integrity News
   
Contact Us | Privacy Notice | Legal Statement | Accessibility Statement
NJ Home Logo
Departmental: OAG Home | Contact OAG | About OAG | OAG News | OAG FAQs
Statewide: NJ Home | Services A to Z | Departments/Agencies | FAQs
Copyright © State of New Jersey
This page is maintained by OAG Communications. Comments/Questions: email or call 609-292-4925
OAG Home OAG Home NJ State Police News Governor's Office News Division of Highway Traffic Safety News Office of the Insurance Fraud Prosecutor Juvenile Justice Commission News Division on Civil Rights News Division of Consumer Affairs News Division of Criminal Justice News Election Law Enforcement Commission Division of Elections News Division of Gaming Enforcement News Office of Government Integrity News Click to Enlarge Image Click to Enlarge Image Click to Enlarge Graphic Click to enlarge chart Click to enlarge map Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click on image to enlarge... Click on image to enlarge... Click to enlarge...Click to enlarge...Click to enlarge...Click to enlarge... Click to enlarge... click to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlargeclick to enlarge click to enlarge