A server misconfiguration at a firm that provides medical claims processing for correctional facilities exposed sensitive information of nearly 600,000 inmates who received medical care during the last decade while incarcerated.
Kentucky-based CorrectCare Integrated Health Inc. on Oct. 31 reported to the U.S. Department of Health and Human Services at least three “unauthorized access/disclosure” breaches affecting a total of nearly 500,000 individuals involving its server misconfiguration incident.