The South Carolina Medicaid agency apologized this month to a man whose identity was compromised when a staff member misplaced his health insurance application.
Jim Connor tried to apply for low-income Medicaid coverage in December after he was diagnosed with esophageal cancer. At the time, he had no insurance.
Instead of processing the application, a Medicaid employee in Dorchester County told him he wouldn’t qualify for the program. She advised him to drink some green tea and research his cancer diagnosis online.
“I was so upset,” Connor said. “I couldn’t believe someone in that position would say something like that.”
Later, a Medicaid employee at the Dorchester County office gave Connor’s paperwork, including his Social Security number, address and employment history, to another applicant.
Connor only learned of the breach when a woman named Gale Deckard, who was given Connor’s application by mistake, called him.
“Thank goodness it was someone like Gale,” Connor said. “She’s a really nice person and understands the concept of privacy.”
Janet Bell, a Medicaid civil rights official, told Connor in a letter dated May 5 that the agency regrets the “events,” which The Post and Courier highlighted in a Jan. 24 article.
“Please know we have conducted a thorough investigation into this incident, re-trained staff and are otherwise working to prevent occurrences of this nature in the future,” Bell wrote.
Colleen Mullis, a spokeswoman for the S.C. Department of Health and Human Services, which administers Medicaid in this state, would not answer questions about the incident for this article, citing patient privacy.
“We can’t speak about any of this,” she said.
The breach constitutes a violation of the federal Health Insurance Portability and Accountability Act, which prohibits health care providers and insurance companies from disclosing their patients’ private information.
Such violations carry penalties ranging from $100 to $50,000 or more, although a 2015 investigation by the nonprofit news organization ProPublica found that the federal enforcement agency rarely levies fines for noncompliance.
Connor, still battling cancer, said he’s content that the Medicaid agency apologized at all.
“They actually acknowledged that the mistake was made on their part and they’re working to correct it,” he said. “That’s the only good thing I see out of it. Like I said, it never should have happened.”
He notified the American Civil Liberties Union of the privacy violation but never filed a formal complaint with the federal government.
“I think they need to make sure this doesn’t happen again,” he said. “It feels like you’re really violated.”
Reach Lauren Sausser at 843-937-5598.