CMS Medicare provider database exposed some health providers’ Social Security numbers
Analytical frames for this storyTap to explore
The Facts
- A publicly accessible CMS database used to populate a Medicare provider directory exposed some health care providers’ Social Security numbers.
- The directory was created by CMS last year to help seniors look up which doctors and medical providers accept which insurance plans.
- The exposed data linked some providers’ Social Security numbers with their names and other identifying information.
- The database was available to the public for at least several weeks before it was taken offline.
- CMS took the database offline after journalists alerted the agency to the exposure.
- CMS said the issue stemmed from provider or provider-representative information being entered in the wrong places, including fields where qualification information would typically appear.
- Reports in the source pool do not establish a final total of affected providers, leaving the scope of the exposure unresolved even though journalists identified at least dozens of exposed numbers and POLITICO confirmed at least 102 providers in its review.
Context
What was this database for?
It was used to power a CMS provider directory created last year so seniors could search for doctors and other medical providers who accept particular insurance plans Washington Post,Reuters.
How were the Social Security numbers exposed?
According to CMS statements cited in the reporting, some provider or provider-representative information was entered into the wrong fields in the database; POLITICO reported the numbers appeared in a column that usually contains qualification information such as a state license number POLITICO,Anadolu Ajansı.
View all 16 sources
Wire services (2)
Independent coverage (14)
ArkansasOnlinePortal found to have leaked data | Arkansas Democrat Gazette
POLITICOCenters for Medicare and Medicaid Services exposes doctors' ...
International Business Times UKTrump Administration Inadvertently Exposed Healthcare Provid...
SC MediaMedicare directory exposes Social Security numbers of US hea...
The New RepublicDr. Oz's Big Medicare Project Leaked Tons of Social Security...
TechRadarError in Medicare database exposes US healthcare providers S...
Yeni ŞafakTrump Medicare portal exposes provider Social Security numbe...
NJTODAY.NETTrump's incompetent Medicare agency exposed Social Security ...
The InquisitrMedicare Portal Under Trump Administration Leaks Providers' ...
NewserGlitch on Medicare Site Exposes Doctors' Personal Data
Anadolu AjansıTrump administration portal inadvertently exposes Social Sec...
Democratic UndergroundMedicare portal database exposed health providers' Social Se...
DNyuzMedicare portal database exposed health providers' Social Se...
Washington PostMedicare portal database exposed health providers' Social Se...
About these frames
The Watchdog: Wrongdoing, responsibility, corruption, transparency. Who knew what, when, and what they did about it.
The Advocate: Liberty, speech, privacy, autonomy, rights, consent, choice. What freedoms are at stake.
The First Responder: Who gets hurt or helped. Quality of life, vulnerable groups, public health, human cost and benefit.
The Architect: Stability, law, enforcement, institutional design, separation of powers, regulatory process, rule of law. How are order and governance maintained?
The Guardian: Sanctity, degradation, bodily autonomy, moral boundaries, human dignity, bioethics, environmental purity. Where are the lines that should not be crossed?
See this differently than someone you know would? Two ways to keep it going.
The dial works on any URL — paste an article you read elsewhere this week.