Risk to Tricare beneficiary data met with proactive response

  • Published
A limited amount of Tricare beneficiary data may have been placed at risk through a violation of internal computer security practices at Science Applications International Corporation. Analysis shows the chance any data was compromised is low, but action is being taken to ensure that affected Tricare beneficiaries are kept informed.

The incident occurred when patient data was stored in a manner that did not meet security specifications for the Department of Defense or SAIC. The information was held on a single, SAIC-owned server at an SAIC location in Florida. The server, which was not behind a firewall and did not contain adequate password protections is no longer in use.

The data, which was processed by SAIC under several military health care contracts, may have included personal information such as beneficiary names, addresses, social security numbers, birth dates and limited health information.

SAIC is mailing letters from Army Maj. Gen. Elder Granger, deputy director of the Tricare Management Activity, and from retired Marine Corps Maj. Gen. Arnold L. Punaro, SAIC executive vice president, to approximately 580,000 households informing beneficiaries of the potential risk. Letters will arrive the week of July 23 and also contain consumer identity protection information.

"We take this potential data compromise very seriously," General Granger said. "The risk has been identified as low, but the Department of Defense is ensuring that steps are taken to keep affected beneficiaries informed."

SAIC is making a call center available to handle questions and concerns and the toll-free number for the United States and a collect-call number for overseas residents is included with the letters. The center will be staffed with identity-theft specialists who will answer concerns about the incident as well as provide callers with general information on credit fraud and identity theft matters. Affected beneficiaries are being offered a free, one-year subscription to an identity restoration service.

Links to additional information can be found at the Tricare Web site "press room".

Information on steps Tricare beneficiaries can take to protect themselves from identity theft is available at www.tricare.mil/tmaprivacy/itpr.cfm.  

(Courtesy fo Tricare Management Activity)