Connect With Us

Inside INdiana Business
Subscribe Now Log In
  • Home
  • News
    • Education
    • Health
    • Tech
    • STEM
    • Advanced Manufacturing & Logistics
    • Life Sciences
    • Ag INnovation
    • INPower
  • Videos
  • Big Wigs
    • Submit Big Wigs
  • Events
    • Engage Southwest Indiana – Evansville
    • Engage Northwest Indiana – Valparaiso
    • Engage Greater Lafayette – West Lafayette
    • Engage West Central Indiana – Terre Haute
    • Engage South Bend – Elkhart
    • Engage Northeast Indiana – Fort Wayne
    • Engage Central Indiana – Indianapolis
  • Newsletters
  • Podcasts
  • On-Air
    • TV & Radio Listings
  • Contact
    • About IIB
    • Meet the Team
    • Contact Us
    • Advertise
    • Gift Cards
    • Flagship Stations
    • Gerry’s Message
    • Speaking Engagement Request

Connect With Us

Anthem Reaches $16M Data Breach Settlement

Tuesday, October 16, 2018 11:44 AM EDT
By Alex Brown
Anthem Reaches $16M Data Breach Settlement Anthem ranked highest among Indiana companies on the 2016 Fortune 500 list.

Indianapolis-based Anthem Inc. (NYSE: ANTM) has reached a settlement related to what the U.S. Department of Health and Human Services calls the largest health data breach in U.S. history. The HHS says the company has agreed to pay $16 million and take "substantial corrective action" to settle potential violations of the Health Insurance Portability and Accountability Act.

The settlement is also the largest HIPAA-related payment to the HHS Office for Civil Rights in history. The previous record was $5.5 million paid to the OCR in 2016.

The HHS says the data breach is the result of cyber-attacks that exposed the electronic protected health information of nearly 79 million people, including names, social security numbers, medical identification numbers, addresses, and more. The OCR conducted an investigation of the incident and made several findings saying that Anthem:

  • Failed to conduct an enterprise-wide risk analysis
  • Had insufficient procedures to regularly review information system activity
  • Failed to identify and respond to suspected or known security incidents
  • Failed to implement adequate minimum access controls to prevent the cyber-attackers from accessing sensitive ePHI, beginning as early as February 18, 2014.

"The largest health data breach in U.S. history fully merits the largest HIPAA settlement in history," OCR Director Roger Severino said in a news release. "Unfortunately, Anthem failed to implement appropriate measures for detecting hackers who had gained access to their system to harvest passwords and steal people’s private information. We know that large health care entities are attractive targets for hackers, which is why they are expected to have strong password policies and to monitor and respond to security incidents in a timely fashion or risk enforcement by OCR."

In addition to the $16 million payment, Anthem has agreed to establish a "robust corrective action plan" to comply with HIPAA rules. You can learn more about the case and the settlement by clicking here.

Story Continues Below

Most Popular Stories

  • Jennings, Tippecanoe county sites selected for Duke grant

  • Madison hotel wins state restoration prize

  • An Angola company is making tech last longer. Its mission has led to big growth.

  • Federal grant to boost development at Cass County Agribusiness Park

  • Rokita files suit over alleged manufactured home fraud scheme

  • ActiveCampaign names inaugural CFO

Perspectives

Biodefense Commission heads to IMS for a public meeting on the perpetual race against biological threats

Biodefense Commission heads to IMS for a public meeting on the perpetual race against biological threats

The Indianapolis Motor Speedway has hosted countless legendary events for well over 100 years. Along with Lucas Oil Stadium, Gainbridge Fieldhouse and the Indiana Convention Center, Indianapolis hosts countless large scale, mass-gathering events. It is part of what makes this city so dynamic and special. ...

Inside INdiana Business

Inside INdiana Business
A division of IBJ Media

1 Monument Circle, Suite 300
Indianapolis, IN 46204

PHONE: (317) 634-6200

FAX: (317) 263-5060

NEWSLETTER@IIBNEWS.COM

  • Home
  • News
  • Videos
  • Gerry Dick
  • Newsletters
  • On-Air
  • Contact

Copyright © 2023 All Rights Reserved Privacy Policy | Terms of Service