Question: Are Hawaii patients affected by the Kaiser data breach?
Answer: Yes, information about current and former members throughout Kaiser Permanente’s multistate health care system was exposed to third-party vendors via online trackers. We asked a Honolulu spokesperson for specifics about the impact in Hawaii, but our questions were forwarded to Kaiser headquarters in California, where a spokesperson said a statement by the company dated April 12 would be the only response. It says:
“Kaiser Permanente has determined that certain online technologies, previously installed on its websites and mobile applications, may have transmitted personal information to third-party vendors Google, Microsoft Bing, and X (Twitter) when members and patients accessed its websites or mobile applications.
“The information that may have been involved was limited to: IP address, name, information that could indicate a member or patient was signed into a Kaiser Permanente account or service, information showing how a member or patient interacted with and navigated through the website and mobile applications, and search terms used in the health encyclopedia. No usernames, passwords, Social Security numbers, financial account information, or credit card numbers were included in the transmission to these third parties.
“Kaiser Permanente conducted a voluntary internal investigation into the use of these online technologies, and subsequently removed them from the websites and mobile applications. In addition, Kaiser Permanente has implemented additional measures with the guidance of experts designed to safeguard against recurrence of this type of incident.
“Kaiser Permanente is not aware of any misuse of any member’s or patient’s personal information. Nevertheless, out of an abundance of caution, we are informing approximately 13.4 million current and former members and patients who accessed our websites and mobile applications. We apologize that this incident occurred.”
As of Dec. 31, Kaiser had about 12.5 million current members in eight states and the District of Columbia, including more than 271,000 throughout Hawaii, according to its website.
Kaiser Foundation Health Plan Inc., which operates as Kaiser Permanente, reported the data security breach to the U.S. Department of Health and Human Services and California’s attorney general on April 12. Although not a malicious hack by cybercriminals, the disclosure of patients’ information to third-party advertisers such as Google was reported to comply with the federal healthprivacy law known as HIPAA.
In May, Kaiser will begin individually notifying affected members who had used its website and mo- bile apps, “in all markets where Kaiser Permanente operates,” the website Tech Crunch reported Thursday. As the statement said, the data disclosed to third-party advertisers included health topics Kaiser members had looked up on those sites.
Q: Will the DMV machine take cash?
A: No. The bright yellow DMV Now Kiosks at eight grocery stores around Oahu accept only credit and debit cards, according to Honolulu’s Department of Customer Service. “A credit fee of 2.5% and $4 remote transaction fee will be applied to each transaction,” the CSD website says. These kiosks process motor vehicle registration renewals for cars, trucks, motorcycles, mopeds or trailers, the website says.
Mahalo
On the morning of March 27, I was on my way to work, and my car stalled in the middle of Waialae Avenue in front of Planet Fitness. There were a few people that offered to help me. A parent took my son to school for me, another gentleman pulled in front of my stalled car and offered to push my car off to the side, and a couple helped my dad jump my car to at least push my car into the Kahala Mall parking lot. I would like to extend my deepest gratitude for all those wonderful people. Thank you! — Whitney N.
Write to Kokua Line at Honolulu Star-Advertiser, 500 Ala Moana Blvd., Suite 7-500, Honolulu, HI 96813; call 808-529-4773; or email kokualine@staradvertiser.com.