In February 2015, as many as 80 million customers of the nations secondlargest health insurance company, Anthem Inc., had their account information stolen. This compromise affected customers in at least 14 different states where Anthem provided services. The hackers gained access to Anthems computer system and got information including names, birthdays, medical IDs, Social Security numbers, street addresses, email addresses, and employment information including income data. Both current and former customers were exposed during this breach. So, while this was an attack against a medical provider and it resulted in a massive data breach, regulatory requirements were not sufficient to help prevent this breach. Because no actual medical information appears to have been stolen, the breach would not come under Health Insurance Portability and Accountability Act (HIPAA) rules, which govern the confidentiality and security of medical information.

Based on the Test Out sections from this module and the additional module resources you have reviewed, your paper should address the following critical elements:

1. Identify of cyber security principles that were violated and rationale of cause

2. Analyze cryptography that would have helped prevent this breach

3. Recommendation of additional policies that would have been useful to mitigate the breach or even prevent the breach