Anthem's $16M breach settlement reminds others to assess their cyber risks
Skip to main content
MDHC_Logotype_white
Subscribe
  • My Account
  • Login
  • Subscribe
  • News
    • This Week's News
    • COVID-19
    • Providers
    • Insurance
    • Government
    • Finance
    • Technology
    • Safety & Quality
    • People
    • Regional News
    • Digital Edition
    • Biden's early approach to virus: Underpromise, overdeliver
      Avocado
      Avocado a day keeps the doctor away
      An older man wearing a mask receiving a vaccine.
      Want more diversity in clinical trials? Start with the researchers
      A phone screen showing the question, "Mary we hope this information was helpful and we'd like to keep guiding you. Are you interested in knowing when it's your turn to receive the vaccine?"
      Chatbots, texting campaigns help manage influx of COVID vax questions
    • Biden's early approach to virus: Underpromise, overdeliver
      Dr. Karen DeSalvo
      Next Up Podcast: What to expect with telehealth and healthcare technology in the next 4 years
      Two travel nurses wearing personal protective equipment.
      Healthcare providers face high costs, demand for agency staff as COVID-19 rages
      An older man wearing a mask receiving a vaccine.
      Want more diversity in clinical trials? Start with the researchers
    • Health suffers as rural hospitals close
      Medicare ACO participants fell in 2021
      Louisiana gets reports vaccine providers are discriminating
      'We know this is real': New clinics aid virus 'long-haulers'
    • Last-minute COVID costs cut into UnitedHealthcare's $396 million operating income
      CMS approves rule forcing insurers to ease prior authorization
      COVID-19 still a big uncertainty for insurers in 2021
      Health insurers' outlook boosted after Dems' Georgia win
    • It's a secret: California keeps key virus data from public
      lacewell_linda_supertinendent_dept_of_financial_services_8.47.jpg
      New York state investigates drug price spikes during pandemic
      Health experts blame rapid expansion for vaccine shortages
      HHS freezes rule targeting community health centers' drug discounts
    • By the Numbers: 20 largest healthcare investment banks in 2020
      Providers await new HHS coronavirus grant reporting deadline
      Operation Warp Speed Dr. Moncef Slaoui, Pfizer Group President Angela Hwang, Moderna CEO Stephane Bancel, CVS Health Executive Vice President Karen Lynch and McKesson CEO Brian Tyler participate in a panel discussion on the COVID-19 vaccine.
      Hospitals, drug companies strive to stand out virtually at JPM
      Intermountain, Trinity, Memorial Hermann behind $300M private equity fund
    • Dr. Karen DeSalvo
      Next Up Podcast: What to expect with telehealth and healthcare technology in the next 4 years
      Next Up Podcast: What to expect with telehealth and healthcare technology in the next 4 years - Transcript
      A man in a room with servers.
      Momentum grows to outsource hospital tech functions in 2021
      5 things to know about Google's $2.1B Fitbit acquisition
    • 50% of Americans make resolutions. Fewer than 27% keep them over time.
      Data Points: Sticking with your resolutions
      An older man wearing a mask receiving a vaccine.
      Want more diversity in clinical trials? Start with the researchers
      Avocado
      Avocado a day keeps the doctor away
      U.K. chief scientist says new virus variant may be more deadly
    • Cerner names Erceg as new CFO
      Elizabeth Richter will serve as acting CMS administrator
      Providence names new chief financial officer
      Wisconsin's top health official departing for federal job
    • Midwest
    • Northeast
    • South
    • West
  • Insights
    • ACA 10 Years After
    • Best Practices
    • InDepth Special Reports
    • Innovations
    • The Affordable Care Act after 10 years
    • New care model helps primary-care practices treat obesity
      doctor with patient
      COVID-19 treatment protocol developed in the field helps patients recover
      Rachel Wyatt
      Project to curb pressure injuries in hospitals shows promise
      Yale New Haven's COVID-19 nurse-staffing model has long-term benefits
    • Dr. James Hildreth
      How medical education can help fight racism
      Modern Healthcare InDepth: Breaking the bias that impedes better healthcare
      Videos: Healthcare industry executives describe their encounters with racism
      Michellene Davis
      Healthcare leadership lacks the racial diversity needed to reduce health disparities
      Hospital divided into multiple pieces
      Health systems may be warming to offshoring, a mainstay practice for insurers
    • A phone screen showing the question, "Mary we hope this information was helpful and we'd like to keep guiding you. Are you interested in knowing when it's your turn to receive the vaccine?"
      Chatbots, texting campaigns help manage influx of COVID vax questions
      A woman with a wearable sensor talking to her provider.
      Wearable sensors help diagnose heart rhythm problems in West Virginia
      self service station
      COVID-19 pushes patient expectations toward self-service
      Targeting high-risk cancer patients with genetics
  • Transformation
    • Patients
    • Operations
    • Care Delivery
    • Payment
    • Highmark Health inks six-year cloud, tech deal with Google
      Study: 1 in 5 patients report discrimination when getting healthcare
      HHS proposes changing HIPAA privacy rules
      Android health records app launches at 230 health systems
    • California hospitals prepare ethical protocol to prioritize lifesaving care
      Amazon, JPMorgan Chase, Berkshire Hathaway disband Haven
      Digital pathways poised to reshape healthcare continuum in 2021
      Healthcare was the hardest hit by supply shortages across all U.S. industries
    • A phone screen showing the question, "Mary we hope this information was helpful and we'd like to keep guiding you. Are you interested in knowing when it's your turn to receive the vaccine?"
      Chatbots, texting campaigns help manage influx of COVID vax questions
      A woman with a wearable sensor talking to her provider.
      Wearable sensors help diagnose heart rhythm problems in West Virginia
      New care model helps primary-care practices treat obesity
      How hospitals are building on COVID-19 telehealth momentum
    • Regional insurers bet big on virtual-first plans
      MedPAC votes to boost hospital payments, freeze or cut other providers
      Most Next Gen ACOs achieved bonuses in 2019
      Congress recalibrates Medicare Physician Fee Schedule after lobbying
  • Data/Lists
    • Rankings/Lists
    • Interactive Databases
    • Data Points
    • Health Systems Financials
      Executive Compensation
      Physician Compensation
  • Op-Ed
    • Bold Moves
    • Breaking Bias
    • Commentaries
    • Letters
    • Vital Signs Blog
    • From the Editor
    • Wellstar CEO calls adapting for the pandemic her bold move
      Howard P. Kern
      Recognizing the value of telehealth in its infancy
      Dr. Stephen Markovich
      A bold move helped take him from family doctor to OhioHealth CEO
      Dr. Bruce Siegel
      Why taking a hospital not-for-profit was Dr. Bruce Siegel’s boldest move
    • Barry Ostrowsky
      Ending racism is a journey taken together; the starting point must be now
      Laura Lee Hall and Gary Puckrein
      Increased flu vaccination has never been more important for communities of color
      John Daniels Jr.
      Health equity: Making the journey from buzzword to reality
      Mark C. Clement and David Cook
      We all need to 'do something' to fight inequities and get healthcare right, for every patient, every time
    •  Alan B. Miller
      Looking ahead with optimism as we continue to transform healthcare
      Dr. Bruce Siegel
      By protecting the healthcare safety net, Biden can put us on the path to a stronger country
      Healing healthcare: some ideas for triage by the new Congress, administration
      Dr. Sachin H. Jain
      Medicare for All? The better route to universal coverage would be Medicare Advantage for All
    • Letters: Eliminating bias in healthcare needs to be ‘deliberate and organic’
      Letters: Maybe dropping out of ACOs is a good thing for patients
      Letters: White House and Congress share blame for lack of national COVID strategy
      Letters: VA making strides to improve state veterans home inspections
    • Sponsored Content Provided By Optum
      How blockchain could ease frustration with the payment process
      Sponsored Content Provided By Optum
      Three steps to better data-sharing for payer and provider CIOs
      Sponsored Content Provided By Optum
      Reduce total cost of care: 6 reasons why providers and payers should tackle the challenge together
      Sponsored Content Provided By Optum
      Why CIOs went from back-office operators to mission-critical innovators
  • Awards
    • Award Programs
    • Nominate
    • Previous Award Programs
    • Other Award Programs
    • Best Places to Work in Healthcare Logo for Navigation
      Nominations Open - Best Places to Work in Healthcare
      Nominations Open - Health Care Hall of Fame
      Nominations Open - 50 Most Influential Clinical Executives
    • 100 Most Influential People
    • 50 Most Influential Clinical Executives
    • Best Places to Work in Healthcare
    • Health Care Hall of Fame
    • Healthcare Marketing Impact Awards
    • Top 25 Emerging Leaders
    • Top 25 Innovators
    • Top 25 Minority Leaders
    • Top 25 Women Leaders
    • Excellence in Nursing Awards
    • Design Awards
    • Top 25 COOs in Healthcare
    • 100 Top Hospitals
    • ACHE Awards
  • Events
    • Conferences
    • Galas
    • Webinars
    • COVID-19 Event Tracker
    • Leadership Symposium
    • Healthcare Transformation Summit
    • Women Leaders in Healthcare Conference
    • Workplace of the Future Conference
    • Strategic Marketing Conference
    • Social Determinants of Health Symposium
    • Best Places to Work Awards Gala
    • Health Care Hall of Fame Gala
    • Top 25 Minority Leaders Gala (2022)
    • Top 25 Women Leaders Gala
  • Listen
    • Podcast - Next Up
    • Podcast - Beyond the Byline
    • Sponsored Podcast - Healthcare Insider
    • Video Series - The Check Up
    • Sponsored Video Series - One on One
    • Dr. Karen DeSalvo
      Next Up Podcast: What to expect with telehealth and healthcare technology in the next 4 years
      Carter Dredge
      Next Up Podcast: Ready, set, innovate! Innovation and disruption in healthcare
      Next Up Podcast: COVID-19, social determinants highlight health inequities — what next?
      Ceci Connolly
      Next Up Podcast: How to navigate the murky post-election waters
    • Beyond the Byline: Regulators aim to boost value push with fraud and abuse law updates
      An older man wearing a mask receiving a vaccine.
      Beyond the Byline: Verifying information on the chaotic COVID-19 vaccine rollout
      doctor burnout
      Beyond the Byline: How healthcare supply chain struggles contribute to employee burnout
      Beyond the Byline: Covering race and diversity in the healthcare industry
    • Leading intention promote diversity and inclusion
      Introducing Healthcare Insider Podcast
    • The Check Up: Chip Kahn
      The Check Up: Chip Kahn of the Federation of American Hospitals
      The Check Up: Trenda Ray
      The Check Up: Trenda Ray of the University of Arkansas for Medical Sciences
      The Check Up: Dr. Kenneth Davis
      The Check Up: Dr. Kenneth Davis of Mount Sinai Health System
      The Check Up: Dr. Thomas McGinn
      The Check Up: Dr. Thomas McGinn of CommonSpirit Health
    • Video: Ivana Naeymi Rad of Intelligent Medical Objects
  • MORE +
    • Advertise
    • Media Kit
    • Newsletters
    • Jobs
    • People on the Move
    • Reprints & Licensing
MENU
Breadcrumb
  1. Home
  2. Government
October 16, 2018 01:00 AM

Anthem's $16M breach settlement reminds others to assess their cyber risks

Rachel Z. Arndt
Shelby Livingston
  • Tweet
  • Share
  • Share
  • Email
  • More
    Print
    AP

    Anthem's record-breaking data breach settlement last week put providers and insurers on notice that ignoring cybersecurity risks could come with a hefty price tag.

    The nation's second-largest insurer will pay HHS' Office for Civil Rights $16 million over a 2015 data breach that affected almost 79 million people, the largest data breach ever reported to the agency.

    "The security risk analysis is not a check-the-box activity," said Beth Pitman, counsel for law firm Waller Lansden Dortch & Davis. "It needs to be updated regularly and incorporated into the business processes of the entity."

    Before Anthem, OCR's highest fine was $5.5 million—levied against Hollywood, Fla.-based Memorial Health System in 2017 for a breach that affected more than 115,000 people.

    In Anthem's case, hackers broke into the network to steal names, birthdates, Social Security numbers, home addresses and other information of current and former members and employees.

    Anthem should have conducted an enterprise-wide risk analysis and put minimum access controls in place to prevent hackers from getting information once they were in the system, according to the OCR.

    "It's not just about all the things they didn't do—it's really a public punishment and statement on what OCR is going to do when this occurs," said Bill Fox, chief strategist for global healthcare, life sciences and insurance for Marklogic.

    Indeed, in announcing the settlement, OCR Director Robert Severino noted that a "breach of trust" calls for a large penalty.

    The action against Anthem should serve as a reminder for organizations to review their cybersecurity strategies and safeguards. Specifically, they must conduct risk assessments—a practice the OCR has long encouraged.

    Cyberdefenses are particularly important for insurers, which have considerably more records than a single hospital or even a health system.

    The class action and federal settlements haven't made a dent in Anthem's bottom line, according to equity analysts. The insurer's annual profit hit $3.8 billion in 2017. Membership grew to 40.2 million at the end of last year, up 4% from 38.6 million in 2015, signaling the breach didn't affect the ability to attract customers.

    The insurer's annual reports filed with the Securities and Exchange Commission have not detailed the full cost of the data breach.

    A multistate investigation by insurance departments found that the attack occurred when a user at one of Anthem's subsidiaries opened a phishing email with malicious content, allowing hackers to gain remote access to the computer and Anthem's data warehouse.

    The results of that investigation, released in 2017, concluded that the hacker likely worked on behalf of a foreign government; some reports have linked the attack to China.

    Anthem paid $260 million for security improvements and remedial actions in response to the breach.

    Healthcare breaches are rising, with 277 breaches through the first nine months of 2018, compared with 271 during the same period the year before. Most breaches stemmed from hacking or "IT incidents," according to the OCR.

    Letter
    to the
    Editor

    Send us a letter

    Have an opinion about this story? Click here to submit a Letter to the Editor, and we may publish it in print.

    Recommended for You
    It's a secret: California keeps key virus data from public
    It's a secret: California keeps key virus data from public
    New York state investigates drug price spikes during pandemic
    New York state investigates drug price spikes during pandemic
    Sponsored Content
    Get Free Newsletters

    Sign up for free enewsletters and alerts to receive breaking news and in-depth coverage of healthcare events and trends, as they happen, right to your inbox.

    Subscribe Today

    The weekly magazine, websites, research and databases provide a powerful and all-encompassing industry presence. We help you make informed business decisions and lead your organizations to success.

    Subscribe
    Connect with Us
    • LinkedIn
    • Twitter
    • Facebook
    • RSS
    • Instagram

    Stay Connected

    Join the conversation with Modern Healthcare through our social media pages

    MDHC_Logotype_white
    Contact Us

    (877) 812-1581

    Email us

     

    Resources
    • Contact Us
    • Advertise with Us
    • Ad Choices Ad Choices
    • Sitemap
    Editorial Dept
    • Submission Guidelines
    • Code of Ethics
    • Awards
    • About Us
    Legal
    • Terms and Conditions
    • Privacy Policy
    • Privacy Request
    Modern Healthcare
    Copyright © 1996-2021. Crain Communications, Inc. All Rights Reserved.
    • News
      • This Week's News
      • COVID-19
      • Providers
      • Insurance
      • Government
      • Finance
      • Technology
      • Safety & Quality
      • People
      • Regional News
        • Midwest
        • Northeast
        • South
        • West
      • Digital Edition
    • Insights
      • ACA 10 Years After
      • Best Practices
      • InDepth Special Reports
      • Innovations
    • Transformation
      • Patients
      • Operations
      • Care Delivery
      • Payment
    • Data/Lists
      • Rankings/Lists
      • Interactive Databases
      • Data Points
    • Op-Ed
      • Bold Moves
      • Breaking Bias
      • Commentaries
      • Letters
      • Vital Signs Blog
      • From the Editor
    • Awards
      • Award Programs
        • 100 Most Influential People
        • 50 Most Influential Clinical Executives
        • Best Places to Work in Healthcare
        • Health Care Hall of Fame
        • Healthcare Marketing Impact Awards
        • Top 25 Emerging Leaders
        • Top 25 Innovators
        • Top 25 Minority Leaders
        • Top 25 Women Leaders
      • Nominate
      • Previous Award Programs
        • Excellence in Nursing Awards
        • Design Awards
        • Top 25 COOs in Healthcare
      • Other Award Programs
        • 100 Top Hospitals
        • ACHE Awards
    • Events
      • Conferences
        • Leadership Symposium
        • Healthcare Transformation Summit
        • Women Leaders in Healthcare Conference
        • Workplace of the Future Conference
        • Strategic Marketing Conference
        • Social Determinants of Health Symposium
      • Galas
        • Best Places to Work Awards Gala
        • Health Care Hall of Fame Gala
        • Top 25 Minority Leaders Gala (2022)
        • Top 25 Women Leaders Gala
      • Webinars
      • COVID-19 Event Tracker
    • Listen
      • Podcast - Next Up
      • Podcast - Beyond the Byline
      • Sponsored Podcast - Healthcare Insider
      • Video Series - The Check Up
      • Sponsored Video Series - One on One
    • MORE +
      • Advertise
      • Media Kit
      • Newsletters
      • Jobs
      • People on the Move
      • Reprints & Licensing