Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

What protections should be in place to protect from the kind of theft Anthem and its customers experienced? Does HIPAA security rules apply that may

What protections should be in place to protect from the kind of theft Anthem and its customers experienced? Does HIPAA security rules apply that may prevent an second occurrence? Could Anthem also be considered a victim of theft?

Background

On March 13, 2015, Anthem, Inc., which is one of the nation's largest health benefits companies providing medical care coverage to one in eight Americans through its affiliated health plans, filed a breach report with the HHS Office for Civil Rights (OCR) detailing that on January 29, 2015, they discovered cyberattackers had gained access to their IT system via an undetected continuous and targeted cyberattack for the apparent purpose of extracting data, otherwise known as an advanced persistent threat attack. After filing their breach report, Anthem discovered cyberattackers had infiltrated their system through spear phishing e-mails sent to an Anthem subsidiary after at least one employee responded to the malicious e-mail and opened the door to further attacks. The OCRinvestigation revealed that between December 2, 2014 and January 27, 2015, the cyber-attackers stole the electronic personal health information (ePHI) of almost 79 million individuals, including names, Social Security numbers, medical identification numbers, addresses, dates of birth, e-mail addresses, and employment information.

Because of this breach, Anthem, Inc.agreed to pay a $16 million settlement to the U.S. Department of Health and Human Services, Office for Civil Rights and take substantial corrective action to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules.

Cybercriminals exploitpatient health datain many different ways. Medical records are rich with information that can be used for committing medical identity theft, tax fraud, sending fake bills to insurance companies, obtaining and then reselling expensive medical equipment, and so forth. Stolen medical data is so valuable in the dark webthat itcan sell for 10 to 20 times more than for the amount paidfor credit card data. In fact,stolen medical records of terminally ill patients are especially valuable because that information can be used long after the patient hasdied.

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Law Of Contract

Authors: Paul Richards

14th Edition

1292251484, 978-1292251486

More Books

Students also viewed these Law questions

Question

=+b) Compute the SD for each decision.

Answered: 1 week ago