Legend: with your name, without your name.
Click on a circle above for names of organizations and details of data shared.
Pharmacy Benefits Managers
receive prescription billing information from pharmacies,
and provides data to health insurance companies for payment of prescriptions
on behalf of the pharmacies.
Laws require a prescription as a condition of acquiring controlled medications.
The information on a prescription includes your name, date of birth, and address,
the date, and the name of the physician and kind and dosage of the medication.
personal hospital discharge data
from at least FL
See more information about the
fields of data shared,
an example of matching real names to the records
in statewide discharge data, and
which states use standards less than the HIPAA standard.
Express Scripts, Ernst & Young
had a data breach in 2013,
A partner at Ernst & Young is accused of sneaking into the headquarters of Express Scripts Holding Co. It is not clear how the Ernst & Young partner got into the headquarters, but it is believed that he emailed over 20,000 pages of data to a personal account. Express Scripts Holding Co. accused Ernst & Young of stealing the information in order to develop its health care division. Express Scripts Holding filed a lawsuit; the accused partner is no longer employed by Ernst & Young.
Medco Health Solutions had a data breach in 2006, in Ohio. A laptop containing social Security numbers for State of Ohio employees and their dependents, as well as their birth dates and, in some cases, prescription drug histories was stolen from an employee. The theft occurred in December and Medco contacted Ohio officials in February. The company agreed to provide free credit monitoring and fraud alert services for the affected families for one year. [source]
Virginia Prescription Monitoring Program had a data breach in 2009, in Virginia. The information was breached via Network Server. [source]
(return to health DataMap)