Bloomington based HealthPartners is notifying health plan members about a privacy breach.
The company said the data breach happened between 2008 and 2010 when an employee took home electronic health plan information and showed the information to a family member.
The employee was seeking help to prepare company reports. The files were also improperly copied to multiple devices in order for the employee to work from home.
Affected policy holders were identified and sent letters telling them about the incident, according to a notice on the company website. News reports indicate the letters are going to about 38,000 people.
The files primarily included name, birth date and health plan number, HealthPartners officials said.
One file contained one member's social security number.
The company said it does not believe the information was shared with anyone outside of the employee's family.
HealthPartners is offering one year of free identity protection to all members who were affected by the data breach.