HARRISBURG, Pa. (WHTM) — A Pennsylvania lawmaker is calling for accountability after a data breach that exposed the personal information of tens of thousands of Pennsylvanians.
The Department of Health paid the private company Insight Global to do contact tracing when the pandemic hit. On Thursday they revealed that some of the company’s employees used a database outside of the secure systems to collect personal information.
That exposed the names of at least 72,000 Pennsylvanians along with some phone numbers, emails, genders, age, sexual orientation and covid diagnoses.
“The Department of Health takes the safety and security of individuals’ personal information extremely seriously,” according to a statement. “We are extremely dismayed that employees from Insight Global acted in a way that may have compromised this type of information and sincerely apologize to all impacted individuals.”
State Representative Jason Ortitay (R- Allegheny, Washington) says he found out about this data breach weeks ago and sounded the alarm then.
“There’s no reason that this should have happened,” Ortitay said. “It’s infuriating on my part because I went to the Governor’s staff. I wanted them to be aware of this immediately. So I don’t know why they dropped the ball, who they talked to, who they didn’t talk to and what information they were given. But obviously whatever they got was completely false and untrue because here we are today with everybody’s information out there.”
Now Insight Global is investigating the breach and notifying anyone whose information might have been exposed.
“It’s something that should not have happened. There should have been accountability and there should have been oversight into these contracts, because to date this vendor has been paid 29 million dollars. And that’s all taxpayer dollars there,” Ortitay said.
House Republican Spokesman Jason Gottesman says the blame lies with the health department and the Wolf administration.
“This is a gross breach of trust by the administration and frankly it’s shameful that this had to happen,” Gottesman said. “There needs to be greater oversight and accountability. This comes from a no-bid contract authority directly associated with the Governor’s emergency disaster declaration which has been going on for over a year now.”
The Department of Health says they are not renewing Insight Global’s contract once it expires on July 31st.
“This vendor should be terminated immediately today,” Ortitay said. “Because as you know it is so hard to get people to answer the phone these days and now with the public knowing that their information could have been compromised they’re not going to answer the phone knowing this company is the one making the phone calls.”
If you have any concerns about this breach you can call a hotline at 1-855-535-1787 starting at 1 p.m. The hotline will be staffed Monday through Friday, from 9:00 a.m. to 9:00 p.m.