The Iowa Department of Health and Human Services (HHS) announced on Tuesday that a data breach at a third-party contractor affected around 20,800 Iowa Medicaid members. Independent Living Systems (ILS), a state-contracted company responsible for performing service assessments, detected the breach, which is believed to have occurred from June 30 to July 5, 2022. The breach led to the release of personal identifying information, including full names, Medicaid details, and other sensitive data. Iowa Medicaid Director Elizabeth Matney says, “Medicaid takes the privacy of Iowans’ personal and health information seriously. We regret the inconvenience and the concern this incident may cause Medicaid members in Iowa. HHS will continue to do everything possible to protect member information from unauthorized access.” The ILS system was the only one affected, and the Iowa Medicaid system was not breached. Impacted members will receive a letter in the following weeks detailing the compromised information and providing guidance on how to prevent its unauthorized use. Members with questions regarding the breach can contact Iowa Medicaid Member Services at 833-257-1764.
