Eleven payroll employees who were supposed to receive portions of state worker benefits information received personal data on thousands by mistake.
Personal data for 13,000 state employees was inadvertently sent to 11 state human resource and payroll employees.
The personal information included employee names and Social Security numbers, according to a statement from Anne Waring, Virginia Department of Human Resource Management communications manager.
The department was notified by Conexis, Anthem’s subcontractor for Flexible Spending Account Services, which sent the personal data of flexible spending account participants to the human resource and payroll staffers.
According to a statement from Waring, human resources and payroll employees are authorized to receive “agency and location-specific employee data,” but they got the entire participant list.
The disclosure was not a Health Insurance Portability and Accountability Act security breach, according to the statement, but is still being taken seriously.
The state is working to enhance security and Anthem/Conexis will provide free access to credit monitoring and identity theft services, according to the statement.
«We will continue to monitor this situation and provide updates to the affected members as necessary», the department said in the statement.
