NHIA Investigation Shows No Data Leak So Far 健保署宣稱 無證據顯示健保個資外洩

Several employees of the National Health Insurance Administration (NHIA) are suspected of leaking people's personal information. Initial reports indicated there is no evidence of a data breach.

The National Health Insurance Administration revealed that internal staff are suspected of leaking personal information to the public and other intelligence agencies for 13 years. A few days ago, the media disclosed that the investigation found that the underwriting division conducted 130,000 inquiries about people's insurance information. No evidence of a data breach has been found from the Administration's investigation.

Tsai Hsiu-ching, Director, Civil Service Ethics Office, NHIA: “The colleague surnamed Hsieh inquired about more than 100,000 pieces of information during the period from Aug. 3 to Aug. 8th, 2018. Our preliminary investigation has shown that these inquiries were within the scope necessary to perform statutory duties.”

The NHIA said Hsieh retrieved the data for statistical analysis to evaluate the implementation of changes to the monthly retirement annuity for retired civil servants in July 2018. If retired civil servants changed from the first category of dependents to insure, to using the second and third categories of professional trade unions or agricultural and fishery associations, how much the NHIA's insurance premiums would be affected?

Tsai Hsiu-ching, Director, Civil Service Ethics Office, NHIA: “Hsieh calling data is currently for use in official business, and there are statistical results that are proof which can support his actions. Our current investigation shows de didn't call the personal data of specific national security personnel. And according to our logs, no data has been downloaded onto a USB drive.”

The employee surnamed Li who has been in charge of the underwriting business for more than 10 years, is still under investigation. He inquired about more than 133,000 and 35,000 records respectively during his period of accessibility.

健保署爆出內部職員疑似洩漏民眾個資長達13年，日前有媒體披露檢調擴大清查後發現，承保組謝姓同仁，查詢民眾投保資料筆數達13萬筆，健保署啟動行政調查後，發現無證據顯示資料外洩。

健保署政風室主任蔡秀卿指出：「謝姓同仁在107年8月3號到8月8號期間，有大量查詢大約10萬多筆的資訊。目前查有公務依據，初步認為符合《個資法》第15條第1款的，執行法定職務必要範圍內的查詢。」

健保署表示，謝姓同仁是因應107年7月退休公務員支領月退休年金改革制度實施，退休公務員如應該用第1類眷屬身分投保，卻改用第2、3類職業工會、農漁會身分投保，將影響健保保費收入。為了評估整體狀況，才進行統計分析。

健保署政風室主任蔡秀卿說明：「此項調閱目前是查有相關公務的辦理依據，以及也有分析統計的結果可以佐證，並不是刻意針對特定的國安機敏人員的個資進行查調。據目前的調查，並無該筆資料有遭人以USB存取攜出的LOG紀錄。」

至於負責承保業務超過10年的李姓職員，有查詢權限期間，分別查詢13萬3000多筆、3萬5000多筆資料。健保署說，因該員的調閱筆數不多，目前仍在調查中。