Texas health agency fired workers for improperly accessing personal data

The Texas Health and Human Services Commission last week announced that it recently notified users that their personal information may have been improperly accessed by agency employees.

The commission said it learned last Nov. 21 that the account information of at least 61,000 people may have been improperly accessed by state employees from June 2021 to December 2024.

The privacy breach includes full names, home addresses, telephone numbers, dates of birth, email addresses, Social Security numbers, Medicaid and Medicare Identification numbers, financial, employment, banking, benefits, health, insurance, medical, certificate, license and other personal identifying information.

The Texas Tribune reported that one HHSC employee claimed to have illegally obtained the personal information of 3,392 Texans. The report claims the commission fired two others who allegedly stole $270,000 from roughly 500 food stamp accounts. In total, the health agency fired seven employees accused in the privacy breach.

The agency, which manages government assistance programs in food, health care, safety, and disaster services, such as the Women, Infants, and Children, Children’s Medicaid, and Supplemental Nutritional Assistance programs, serves more than 7 million people every month, according to a 2024 state inventory.

The agency said it’s still determining if the privacy breach affected other health and human services programs.

“As the agency’s internal review continues, additional affected individuals identified will be notified. Employees involved in similar inappropriate and illegal conduct will be terminated and referred to the appropriate authorities,” the announcement read.

The health commission claims the employees involved were immediately fired following the incident. The Texas Office of Inspector General and prosecutor offices have opened an internal investigation to pursue criminal charges.