The Department of Health Services (DHS) and The Management Group (TMG) are notifying IRIS participants of a breach of information due to theft of a laptop and a work bag of a TMG IRIS Consultant on February 5. TMG mailed notifications to 779 participants on April 3 who received services from TMG who have potentially been impacted by this breach of information. Due to the sensitive nature of data on the stolen laptop, all participants impacted by the breach have been offered one year of identity theft protection services without charge.
TMG is a business associate of the Wisconsin Department of Health Services and serves as an IRIS Consultant Agency for the IRIS Program.
The stolen laptop was encrypted, but the password to the laptop was in the stolen work bag which is against company policy. In the review, TMG found the laptop may have contained personal information about IRIS participants, including names, addresses, dates of births, participation in IRIS, services, Medicaid numbers, financial information, and social security numbers. Social security numbers of 23 participants were on the laptop. TMG is taking additional steps to protect against further breaches of personal information.
Participants who believe they may have been affected but have not received a notification letter by April 9 or have questions about this incident, can call 844-864-8987 from 8:00 a.m to 5:00 p.m. Monday through Friday or email ComplianceGuide@tmgwisconsin.com(link sends e-mail).