Data leak

Centene Corporation Missing Hard Drives (950K Members)

📅 2016-01-07

Incident Details

On January 7, 2016, Centene Corporation, one of the largest Medicaid-focused managed care organizations in the United States, operating health plans in over 25 states, discovered that six unencrypted hard drives used to store member data for a health outcomes improvement project had gone missing. The drives could not be located. Centene disclosed the incident publicly on January 25, 2016.

Approximately 950,000 health plan members whose laboratory services were processed between 2009 and 2015 were affected. Exposed data included names, dates of birth, Social Security numbers, member identification numbers, addresses, and laboratory test results. No financial, payment, or credit card data was stored on the drives. Centene offered all affected members free credit and healthcare monitoring services.

The incident highlighted a persistent HIPAA compliance gap: unencrypted portable storage devices and hard drives containing protected health information. The $17.3 billion company (at the time) subsequently implemented enhanced encryption requirements for portable media. Centene merged with WellCare Health Plans in 2020, creating one of the largest Medicaid and Medicare managed care organizations in the U.S.

Technical Details

Initial Attack Vector
Physical loss: six unencrypted hard drives containing health plan member data were misplaced and could not be located during an IT data project. The drives were being used to store laboratory test result data for a health outcomes improvement initiative.

Timeline

  1. 2016-01-07 Breach occurred
  2. 2016-01-25 Publicly disclosed
  3. 2016-01-25 Customers notified