Officials with California's public health department have said that data on dozens of people who rely on the state's AIDS Drug Assistance Program was breached.
The agency's Office of AIDS said in its monthly report for April that it's "identified 93 ADAP clients whose information in the AJ Boggs portal was likely inappropriately accessed by an unknown individual (or individuals) who were not authorized to access the information between July and November 2016."
Although the number of affected clients is relatively small – ADAP, which helps people get access to the medications they need to stay alive, has 29,000 clients in California – the revelation comes as the health department continues trying to fix other problems with the system.
Boggs had been awarded the contract to oversee ADAP eligibility enrollment beginning in July 2016, and trouble started soon after that. The state terminated its contract with Boggs effective March 31. Concerns had included clients wrongfully being dropped from the system and losing access to medications.
The health department's report says that it became aware of the breach "on February 7, 2017, mailed breach notification letters to these clients on April 6, 2017, and is providing one year of credit monitoring to these individuals."
As the agency's addressed the breach, it's also been focusing on other parts of the ADAP program.
Magellan, another contractor that's been working with the health department, "will continue to provide real-time 24/7 access to medications, including a 30-day supply for existing clients who experience access issues at the pharmacy," the health department report says.
Spokespeople for the agency didn't respond to emailed questions about the data breach and other ADAP issues. Boggs CEO Clarke Anderson didn't respond to an interview request Wednesday morning.
Courtney Mulhern-Pearson, director of state and local policy at the San Francisco AIDS Foundation, said she hasn't heard of clients still experiencing trouble with enrollment and eligibility.
"The office had extended eligibility through the end of June, so any existing clients shouldn't have any problems anyway," Mulhern-Pearson said, adding, "I think there are technical issues they're working out with the system, but it so far appears like the system works better. We won't really know until" people's eligibility determinations happen.
Mulhern-Pearson said she'd like for the Office of AIDS to put "an ongoing list" of what it's working on and the status of its work online.
She also said that 94 clients' data had been breached, one more than the office reported.
"I have not come across anyone who was among those clients," she said.
The Office of AIDS also announced in its report that Sandra Robinson has been named ADAP branch chief. Robinson, who started April 17, most recently served as the chief of Healthy Aging Programs with the state's Chronic Disease Control Branch.