Lessons Learned from the Recent Anthem Cyber-Attack
Taking a look at the recent cyber-attack on health insurance giant Anthem, there seems to be a consensus that the institution was particularly vulnerable due to a lack of internal encryption. Another point to consider is that this industry is slower to adopt measures like keeping personal information in separate databases that can be closed off in the event of a security breach. It is also worth noting that backup data is often overlooked in terms of encryption for security. To increase security and reduce liability, be sure your backup data is also encrypted whether it is in flight or at rest.
Though data breaches and identity theft presents an ongoing problem for many companies, the value of a stolen credit card number expires quickly (hours by some estimates) as card providers have developed increasingly sophisticated systems and internal controls to combat fraud. Some experts warn that many more large scale attacks on medical data could be on the horizon as medical services are delivered through a patchwork of independent insurance companies, individual practitioners and hospitals. Every node in the network must adhere to the same encryption standards for backup and recovery. Do you know how many (digital) hands your data is passing through?
The healthcare business generates massive amounts of data. By stealing a patient’s personal data and health insurance information, criminals are able to illegally obtain medicine, equipment and services. The victim is then left to deal with the insurance company and various creditors to resolve the aftermath. Sometimes, the victim can even lose their medical coverage, resulting in out-of-pocket expenses to have their insurance reinstated. There is also a possibility that the legitimate patient’s medical record may be altered with incorrect information as a result of theft or fraud. This may hamper the patient’s ability to obtain proper medical treatment in the future.
Naturally, if companies take appropriate measures in advance for securing their data they would save a lot of money and time. It would also go a long way towards preserving the company’s reputation and customers’ favorable opinions. The information in play for the healthcare industry goes far beyond financial and can have long lasting ramifications for everyone involved.
Note: All trademarks, service marks, trade names, trade dress, product names and logos appearing on the site are the property of their respective owners.