TRICARE data breach affects millions

WASHINGTON, D.C. (KXAN) - TRICARE is reviewing its data protection policies and procedures after it was notified of a data breach involving personally identifiable and protected health information.

In a public statement, TRICARE said the breach was on a backup system that contains electronic patient data from 1992 through Sept. 7, 2011 from patients that were treated at San Antonio area military treatment facilities (MTFs) (including the filling of pharmacy prescriptions) and others whose laboratory workups were processed in these same MTFs even though the patients were receiving treatment elsewhere.

Approximately 4.9 million patients documents are affected. 

The compromised information may include Social Security numbers, addresses and phone numbers, and some personal health data. There is no financial data, such as credit card or bank account information, on the backup tapes.

TRICARE goes on to say the risk of harm to patients is fairly low.

As TRICARE officials investigate the incident, they plan to notify everyone whose personal information may have been involved in the breach but that could take at least 4-6 weeks.

Concerned patients may contact the SAIC Incident Response Call Center at no charge, Monday through Friday from 9 a.m. to 6 p.m. Eastern time. Stateside, patients may call toll-free to 855-366-0140. Overseas, patients can make collect calls to 952-556-8312.