With cyber attacks making headlines across all sectors in 2014, perhaps few industries have as much to lose from a customer privacy perspective as health care, and at the end of January, Anthem became the first high profile victim of 2015. Hackers obtained data on tens of millions of current and former Anthem customers in a sophisticated attack compromising names, birthdates, Social Security Numbers, mailing addresses, usernames and passwords. According to IDC Health Insights, by 2015, 50% of healthcare organizations will have experienced between one and five cyber attacks in the previous 12 months, with one out of three attacks deemed successful. In turn, these attacks will require healthcare organizations to invest in highly expensive security strategies to safeguard their member’s pertinent information.
Healthcare Monitor has seen several firms in our coverage group publish articles and press releases with tips on how to protect against identity theft, details on how member data is protected and strategies on how to deter attacks. Both Aetna and Harvard Pilgrim, for example, have used homepage promotions and articles to explain how end-to-end encryption can keep customers safe and more notably how health care firms should consider removing Social Security Numbers (SSN) from the health care system. If SSNs remain the customary data footprint for the health care industry, member databases will continue to attract cyber attacks.
Firms in the Anthem network responded to the attacks with solutions for affected members. Through announcements and promotions on the Anthem, BCBS of Massachusetts and Empire BCBS public and member homepages, the firm offers members free two-year credit and identify monitoring service subscriptions.
Empire BCBS Public Homepage