Oops. More than 40 percent of federal contractors to the Medicare and Tricare programs and state Medicaid agencies responding to a survey by the Government Accountability Office (GAO) said they had experienced privacy breaches involving personal healthcare information of beneficiaries, according to a study of 378 contractors and agencies.

Was outsourcing a factor? Kinda sounds like it. More than 90 percent of Medicare contractors and state Medicaid agencies and 63 percent of Tricare contractors reported some outsourcing of their work to domestic companies, while only one federal vendor and one state Medicaid agency reported directly contracting with an offshore entity for outsourced work. And 33 Medicaid Advantage contractors, two Medicare fee-for-service contractors and one Medicaid agency responding to the survey admitted that their domestic vendors transferred some of their work to offshore organizations. "Moreover, the reported extent of offshore outsourcing by vendors may be understated because many federal contractors and agencies did not know whether their domestic vendors transferred personal health information to their locations or vendors," the report said.

For more on the breaches:
- see the full report [1] (.pdf)