Blue Cross and Blue Shield of North Carolina shares private information of hundreds of thousands of its clients to an outside company that helps design its software.
The company told The News & Observer of Raleigh (http://bit.ly/11NBu9n) that it protects the information, which includes names, Social Security numbers and medical data, with hardware and software that control how it is used and strict contracts. The company also points out it has never had a security breach.
But computer experts say the practice is dangerous and recommend the insurer look at scrambling the data.
Blue Cross is the biggest private health insurer in North Carolina, with 3.7 million members. A 2010 company memo says it sent the complete data of 845,000 clients to an outside software company without scrambling it.