You have probably recently received a letter from Onsite Health Diagnostics regarding a security incident that may have compromised some health plan members’ personal information. This letter is authentic and should be taken seriously.

TSEA received the following update from Benefits Administration regarding the matter:

On behalf of the State of Tennessee, Healthways offers employee health screenings through services provided by Onsite Health Diagnostics (OHD). In June, Benefits Administration was notified that an unknown source gained unauthorized access to OHD’s 2013 old computer system during the time period from January 4, 2014 to April 11, 2014.

OHD became aware of the incident on April 11, 2014, and initiated an investigation with third-party, national security and computer forensic experts and it was determined the information accessed was from an old information table.

The information that might have been accessed is: the name, address, email address, phone number, date-of-birth and gender of 60,582 health plan members who participated in wellness screenings required for their 2013 Partnership Promise. The information accessed did NOT include Social Security numbers, Employee ID numbers, or any medical information.

OHD has not used this system since the fall of 2013, a new scheduling system has been in use, and additional security controls have been implemented on this new system.

What this means for these members: Benefits Administration has requested OHD to notify these members about the security incident. Onsite Health Diagnostics (OHD) sent a letter on, Friday, August 8 to members impacted letting them know about the incident and to offer them free identity theft protection. CLICK HERE to access a reference copy of the letter.

Plan members who have questions should call the number OHD has provided in the letter, 1-866-266-9285; or members can contact the Benefits Administration privacy officer at [email protected].

UPDATE:

Since the above post, TSEA has received important additional information from Benefits Administration regarding the issue . That information is listed below: 

Update from BA: Onsite Health Diagnostics (OHD) Security Incident Letter

• Not all of our health plan members are receiving a letter from OHD. 60,582 members were impacted out of more than 275,000 members.

• The OHD letter is legitimate. Members who are receiving this letter are the members impacted by an unauthorized access to their some of their data (name, address, phone number, email address, gender and date-of-birth) which was stored on an old OHD computer system. Data did NOT include social security numbers, medical or financial data.

• Please note: Only members who receive the letter from OHD are eligible for the free Identity Theft Protection.

• Please make sure your Human Resources department is aware that some of our members are receiving the letter.

• The phone number for affected members to call is correct in the letter. The correct number to reach the OHD/ID Experts call center is 1-888-266-9285. Members can also contact the BA privacy officer at [email protected].

Questions?

Gwen Tuttle 
TSEA Compensation and Benefits Manager
[email protected]
615-256-4533 (ext. 232) | 800-251-TSEA (8732)

or

Gayle Robb
TSEA Compensation and Benefits Coordinator
[email protected] 
615-256-4533 (ext. 229) | 800-251-TSEA (8732)