Joseph R. Swedish, CEO of Anthem Inc., one of the largest healthcare providers in the US, announced Wednesday, that despite efforts to appropriately safeguard their information, they suffered a major cyberattack. This attack is said to have affected as many as 80 million people.
According to Anthem, this attack compromised both patient and employee information, names, birthdays, medical ID’s, Social Security numbers, street addresses, email addresses, and employment and income information. Swedish said in a letter published on a website about their response to the incident, “Once the attack was discovered, Anthem immediately made every effort to close the security vulnerability, contacted the FBI, and began fully cooperating in the investigation.” (www.AnthemFacts.com) They have since taken measures to improve their security environment by fully evaluating their systems.
HIPAA laws mandate that you properly safeguard the Personally Identifiable Information (PII) that you collect, and data breaches such as this can often result in heavy fines. There are specific guidelines in regards to protecting this information as well as reporting a breach once it has been discovered. In too many cases, businesses scramble to pick up the pieces as a result from a breach rather than already having in place a strong defense to protect the PII for which they are responsible. This is a scary time for the cyberworld, and with the discovery of this massive data breach we should be encouraged to continue to improve and strengthen our security measures as the landscape continually evolves.
If you need help assessing your current security environment or need help developing your Incident Response Plan, call us today at 800-770-2701 for a free consultation.