Weather Alert  

"Coastal Flood Advisory" ...Coastal flood advisory in effect from 4 am to 7 am EST Friday... The National Weather Service in New York NY has issued a coastal flood advisory, which is in effect from 4 am to 7 am EST Friday. * Locations...western Long Island Sound including New Haven and Fairfield counties in southern Connecticut, Westchester, Bronx, northern Queens, northern Nassau and northwest Suffolk counties in New York. * Tidal departure...2 to 3 ft above astronomical tides around the times of high tide. * Coastal flood impacts...there is a low threat of property damage. Shallow flooding is expected in the most vulnerable locations near the Waterfront and shoreline. Expect around 1 to 2 feet of inundation above ground level in low lying, vulnerable areas. Some roads and low lying property including parking lots, Parks, lawns and homes/businesses with basements near the Waterfront will experience shallow flooding. * Timing...around the times of high tide tonight. Precautionary/preparedness actions... A coastal flood advisory indicates that onshore winds and tides will combine to generate flooding of low areas along the shore. Time of high total tides are approximate to the nearest hour. Bridgeport CT MLLW categories - minor 8.9 ft, moderate 10.4 ft, major 11.4 ft mhhw categories - minor 1.6 ft, moderate 3.1 ft, major 4.1 ft total total departure day/time tide tide from norm waves flood ft MLLW ft mhhw ft ft impact -------- --------- --------- --------- ------- -------- 16/05 am 8.9/ 9.4 1.6/ 2.0 2.7/ 3.2 2-3 minor Stamford CT MLLW categories - minor 9.4 ft, moderate 11.0 ft, major 12.4 ft mhhw categories - minor 1.5 ft, moderate 3.1 ft, major 4.5 ft total total departure day/time tide tide from norm waves flood ft MLLW ft mhhw ft ft impact -------- --------- --------- --------- ------- -------- 16/05 am 9.3/ 9.8 1.4/ 1.9 2.7/ 3.2 2-3 minor New Haven CT MLLW categories - minor 8.6 ft, moderate 9.2 ft, major 10.5 ft mhhw categories - minor 1.9 ft, moderate 2.5 ft, major 3.8 ft total total departure day/time tide tide from norm waves flood ft MLLW ft mhhw ft ft impact -------- --------- --------- --------- ------- -------- 16/05 am 8.4/ 8.9 1.7/ 2.2 2.7/ 3.2 2 minor Kings Point NY MLLW categories - minor 10.0 ft, moderate 10.5 ft, major 13.0 ft mhhw categories - minor 2.2 ft, moderate 2.7 ft, major 5.2 ft total total departure day/time tide tide from norm waves flood ft MLLW ft mhhw ft ft impact -------- --------- --------- --------- ------- -------- 16/06 am 9.4/ 9.9 1.6/ 2.0 2.8/ 3.4 2 none Old Field NY MLLW categories - minor 9.2 ft, moderate 10.2 ft, major 12.2 ft mhhw categories - minor 1.9 ft, moderate 2.9 ft, major 4.9 ft total total departure day/time tide tide from norm waves flood ft MLLW ft mhhw ft ft impact -------- --------- --------- --------- ------- -------- 16/05 am 9.1/ 9.6 1.8/ 2.2 3.0/ 3.5 2-4 minor Glen Cove NY MLLW categories - minor 10.1 ft, moderate 11.1 ft, major 13.1 ft mhhw categories - minor 2.2 ft, moderate 3.2 ft, major 5.2 ft total total departure day/time tide tide from norm waves flood ft MLLW ft mhhw ft ft impact -------- --------- --------- --------- ------- -------- 16/05 am 9.2/ 9.7 1.3/ 1.8 2.6/ 3.1 2-3 none -- Thursday Nov.15 18,06:04 AM

A.G. Schneiderman Announces $575,000 Settlement With Emblemhealth After Data Breach Exposed Over 80,000 Social Security Numbers

LongIsland.com

EmblemHealth Agrees to Implement Corrective Action Plan and Conduct Comprehensive Risk Assessment.

Print Email

New York Attorney General Eric T. Schneiderman.

Photo by: Office of AG Schneiderman, via YouTube

New York, NY - March 7, 2018 - Attorney General Eric T. Schneiderman today announced a settlement with healthcare provider EmblemHealth and wholly owned subsidiary Group Health Incorporated (“EmblemHealth”) after the company admitted a mailing error that resulted in 81,122 social security numbers being disclosed on a mailing. In addition to paying a $575,000 penalty, EmblemHealth agreed to implement a Corrective Action Plan and conduct a comprehensive risk assessment.
 
Attorney General Schneiderman today reiterated his call to improve New York’s weak and outdated security laws with the “Stop Hacks and Improve Electronic Data Security Act” (or “SHIELD Act”). Introduced by the Attorney General in November 2017, the SHIELD Act would comprehensively protect New Yorkers’ personal information from the growing number of data breaches and close major gaps in New York’s data security laws, without putting an undue burden on businesses.
 
“The careless handling of social security numbers is never acceptable,” said Attorney General Schneiderman. “New Yorkers need to be able to trust that companies entrusted with their private information will guard it appropriately. This starts with good governance—which is why my office will continue to push for stronger security laws and hold businesses accountable for protecting their customers’ personal data.”
 
EmblemHealth is one of the largest health plans in the United States. On October 13, 2016, it discovered that it had mailed 81,122 policyholders, including 55,664 New York residents, a paper copy of their Medicare Prescription Drug Plan Evidence of Coverage (“EOC Mailing”) that included a mailing label with the policyholder’s social security number on it. Normally, all mailings include a unique mailing identifier that is printed on the envelope. However, in this case, the mailing inadvertently included the insured's Health Insurance Claim Number, which incorporated the insured's social security number.
 
Pursuant to the federal Health Insurance Portability Accountability Act, as amended by the Health Information Technology for Economic and Clinical Health Act (“HIPAA”), EmblemHealth is required to safeguard patients' protected health information, including social security numbers, and utilize appropriate administrative, physical and technical safeguards. In connection with its 2016 EOC Mailing, EmblemHealth failed to comply with many of the standards and procedural specifications as required by HIPAA. Printing an individual's social security number on “a postcard or other mailer not requiring an envelope, or visible on the envelope, or without the envelope having been opened” also violates New York General Business Law § 399-ddd(2)(e).
 
In addition to paying a $575,000 penalty, under the settlement EmblemHealth must implement a Corrective Action Plan that includes a thorough risk analysis of security risks associated with the mailing of policy documents to policyholders, and submit a report of those findings to the Attorney General’s office within 180 days of the settlement. EmblemHealth must also review and revise its policies and procedures based on the results of the assessment, and notify the Attorney General’s office of any action it takes. If no action is taken, EmblemHealth must provide a written detailed explanation of why no action is necessary. EmblemHealth must also catalogue, review, and monitor mailings and make reasonable efforts to ensure: (a) all relevant workforce members are adequately trained for each discrete job function that they are tasked with or assigned to perform related to mailings; (b) report any known violations of EmblemHealth policies and procedures relating to the HIPAA Minimum Necessary Standard, as set forth in 45 C.F .R. § 164.502(b) and § 164.514(b), to the appropriate EmblemHealth official and remediate any known violations as soon as practicable; and (c) for a period of three (3) years, report security incidents involving the loss or compromise of New York residents' information to the Attorney General’s office that might not otherwise trigger the reporting requirements of New York State law. 
 
This case was handled by Bureau of Internet and Technology Deputy Bureau Chief Clark Russell, under the supervision of Bureau Chief Kathleen McGee. The Bureau of Internet and Technology is overseen by Executive Deputy Attorney General for Economic Justice Manisha M. Sheth.