KY State Retirees' Data Sent Unsecured

March 19, 2009 ( - Names, dates of birth and Social Security numbers of roughly 28,000 state retirees were emailed to the Kentucky Retirement Systems by its pharmacy benefit provider without being properly encrypted for security purposes.

The Louisville Courier-Journal reports that the email also contained health insurance claim numbers but not personal health information. The file contained information on members who were both Medicare-eligible and used the retiree pharmacy benefit through Walgreens in 2007.

The likelihood of any harm is “minimal,” but there is a “remote” possibility that the records were accessible while being transmitted, the Walgreens Health Initiative said in a letter to retirees’ affected by the incident, according to the newspaper. Walgreens said it is taking sole responsibility for the problem.

Walgreens confirmed that the proper person received the email. Mike Burnside, executive director of the retirement systems, said officials have no reason to believe the data fell into the wrong hands, according to the news report.