theDataMap

Documenting all the places
personal data goes.

healthDataMap


Legend: with your name, without your name.
Click on a circle above for names of organizations and details of data shared.


Retirement & Disability companies include workers compensation and non-union retirement benefits organizations plans. Employers may be required to provide health information for workers compensation and you may need to provide information to benefits organizations.

Examples

Labor And Industries/Insurance Services, WA purchases statewide personal hospital discharge data from at least WA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

Brownsville Independent School District had a data breach in 2011, in Texas. Brownsville ISD discovered that a number of employees had their names, Social Security numbers, disability plan information, and salary information available on a publicly accessible website. Employees who were enrolled for disability insurance had their information posted in April 2011 on the Employee Benefits/Risk Management website. [source].

  

California Workers Compensation Institute purchases statewide personal hospital discharge data from at least CA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

Electronic Data Systems Corp. (EDS) had a data breach in 2007, in California. An EDS employee working on a project involving processing workers compensation related medical bills for Firemans Fund had his laptop stolen from his car on January 19. Names and Social Security numbers were exposed. (30 records involved) [source].

  

Commission On Health And Safety And Workers Compensation CA purchases statewide personal hospital discharge data from at least CA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

Kern County Employees Retirment Association had a data breach in 2010, in California. A former employee was convicted of using the Social Security number of a member to create a false identity. The county employee opened a line of credit and had committed felonies before being hired at KCERA in a position with access to retirees personal information. (37,000 records involved) [source].

  

Maine Workers Compensation Board purchases statewide personal hospital discharge data from at least ME [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

Nebraska Workers Compensation Court had a data breach in 2009, in Nebraska. Someone broke into a server that temporarily held injury reports. Whenever a worker has a job-related injury, a report is filed with the Workers Compensation Court and the information is temporarily stored on that server. Personal information, including birth dates and Social Security numbers, would have been on the server. [source].

  

N C C I Holdings purchases statewide personal hospital discharge data from at least TN [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

Southern California Medical-Legal Consultants, Inc. (SCMLC) had a data breach in 2011, in California. A data security firm discovered that SCMLC data was available online. The names and Social Security numbers of around 300,000 people who applied for California workers compensation benefits may have been accessed by unauthorized parties. (300,000 records involved) [source].

  

NYC Workers Compensation Board purchases statewide personal hospital discharge data from at least NY [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

Workers Compensation Fund had a data breach in 2008, in Utah. Officials with one of Utahs largest insurance companies are searching for a stolen laptop containing Social security numbers and other personal information for about 2,800 people and 1,400 companies. The computer was taken from a car parked in the home garage of an auditor for the Workers Compensation Fund. (2,800 records involved) [source].

  
  

(return to health DataMap)



Copyright © 2012-2016 President and Fellows Harvard University.