By Julia Vann
After a major healthcare breach, Anthem has agreed to pay $16 million to OCR. Anthem is one of the second largest healthcare security firms in the U.S. It owns licenses for both Blue Cross and Blue Shield Association.
According to HIPAA, a hacker targeted Anthem, resulting in a breach that lasted around a month. It resulted in the theft of the personal information of 78.8 million members. This is the largest HIPAA breach settlement to date. This is due not only to the scope of the attack but also to the size of the company.
In addition to the settlement with OCR for its violations, the company has also agreed to settle the lawsuit brought against it on behalf of the customers who had their information stolen. It settled for $115 million.
A phishing email scam is suspected to have caused the breach. This allowed the hackers to access all of the personal information contained in the databases.
As a healthcare security firm, Anthem should be extra vigilant with its own security. There is a phrase, “security can’t come at the price of convenience.” This means that when there is too much security, humans are bound to make errors as a result. This includes things such as taping the password to the front or back of a computer.
While this is true, for a company like Anthem, which holds the private information of so many people, security cannot be convenient. That convenience is what caused a major breach.
In the future, this company and companies like it need to increase vigilance and training to prevent something like this from ever happening again.
To learn more about HIPAA compliance, visit the American Medical Compliance website.