ICE Shared Private Medicaid Data With a Tech Company It Wasn't Supposed to Have
Government officials broke court rules by passing along health records of millions of people — including U.S. citizens — to immigration agents and then to a data firm.
A federal judge is demanding answers after immigration officials shared private health records with a tech company called Palantir — records they were never supposed to have. The data came from Medicaid, a government health program that helps millions of low-income Americans pay for medical care. Court documents show that officials at the Centers for Medicare and Medicaid Services, known as CMS, first shared the data with U.S. Immigration and Customs Enforcement, or ICE, back in January. ICE then passed that data along to Palantir, a company that builds tools ICE uses to track the addresses of people who may face deportation.
More than 20 Democratic state attorneys general — the top lawyers for their states — filed a legal motion on Thursday to bring these new details to light. They had already sued the Trump administration over a data-sharing deal between CMS and ICE. A federal judge in California named Vince Chhabria had ruled that some immigrant data could be shared, but only under strict rules. The new court papers show that those rules were broken more than once.
The January dataset that was shared without permission was very large. It included data on millions of people, not just undocumented immigrants. Some of the people in the files were refugees in Minnesota, and some were U.S. citizens — groups that were not supposed to be included at all. When the mistake was discovered, ICE was ordered to delete the files right away.
But the problems did not stop there. Federal officials later admitted that CMS accidentally shared the same improper dataset with ICE a second time. The government said the mistake happened while officials were trying to share data from states that were not part of the lawsuit. An ICE official named Alberto Briseno wrote in a legal statement that the file was deleted after the error was found and that it was not used for any law enforcement activity.
However, the situation became even more complicated. One day after Briseno reported the file had been deleted, a broader search found that about six ICE users still had copies of the January dataset on their devices. Briseno said he did not know of any more copies, but he admitted it was technically difficult to be sure every version of the file had been found and removed. He promised that ICE would keep trying to delete any copies that showed up.
Meanwhile, the Department of Justice is asking Judge Chhabria to expand the rules so that ICE can receive data on an even wider group of people. The Democratic attorneys general pushed back hard against that request. They argued that ICE had shown it could not safely handle the data it already had, so giving the agency more access made no sense.
The attorneys general also raised concerns about what happened after ICE shared the data with Palantir. When they asked what steps were taken to make sure Palantir deleted the files, officials said the data had been shared through a Microsoft Teams chat and then deleted from that chat. A court document showed a redacted — or blacked-out — conversation that appeared to show ICE workers asking Palantir to remove the file. Judge Chhabria had already warned that if the federal government could not handle the data carefully, it would lose the right to use it at all.
"If the federal government cannot be sufficiently careful then it can't use the information, ok?"
Comprehension quiz preview
1. Which company did ICE share the Medicaid data with after receiving it from CMS?
2. What does the word 'improperly' mean as used in this article?
3. Why were the state attorneys general upset about the government asking for more data access?