Month: August 2023

August 7, 2023

Approximately 612,000 Medicare beneficiaries have been impacted by a data breach involving a Medicare contractor.  On June 2, 2023, the Centers for Medicare & Medicaid Services (CMS) was notified by Maximus Federal Services (provide CMS with appeals services) of a data breach involving protected health information/personally identifiable information (PHI/PII) of approximately 612,000 Medicare beneficiaries.  The breach was caused by a vulnerability in a third party’s transfer software, MOVEit.   This software application, now a part of Progress Software, encrypts files and uses file transfer protocols such as FTP(S) or SFTP to transfer data, as well as providing automation services, analytics and failover options.  (See the CISA Alert)  No CMS systems were impacted.

August 1, 2023

Medicare Advantage (MA) plan, Martin’s Point Health Care, Inc. in Portland Maine, has agreed to settle false claims act allegations with the DOJ, for approximately $22.5 million.  This whistleblower case was brought on by a former manager of Martin’s Point’s Risk Adjustment Operations team, who will receive approximately $3.8 million.