HIPAA? Anthem? Security breach? Don’t fret!

HIPAA, the Anthem security breach, and why you shouldn’t lose faith


Last week, Anthem revealed that they suffered a security breach on their system which could affect 80 million people – that’s 80 million people’s birthdays, social security numbers, and other personal information that could be out on the internet. This is far from a small matter because of the sheer number of identities being compromised, but HIPAA laws are still in place – and may even be strengthening in light of this new massive breach.

But what is HIPAA and why is it such a big deal? Why should you still have faith in the industry standards?

HIPAA stands for the Health Insurance Portability and Accountability Act of 1996 and is the law governing the protection of your personal health information (PHI). HIPAA standards have been laid out since 1996, enforced in 2000, and periodically updated since then.

Like most laws the language is lengthy, but the basic summary is that HIPAA is the law that protects your privacy as a patient and as a health insurance applicant and recipient. The law sets standards for data encryption and who can access your information – which means good ol’ Joe from accounting, or even your best friend from the next desk over, can’t legally view your private health information unless they directly administer your health care plan.

So, even though the Anthem breach was a big deal, here are a few reasons why you should still trust the industry: 

Past security breaches at large companies have sometimes come from the inside (whether or not they were intentional). That’s scary, but it means there will be much more scrutiny on who’s sitting behind desks with access to your information. You can expect to see everyone who has access to PHI bulking up security, probably beyond what the HIPAA laws currently enforce.

The Anthem breach and other past breaches were probably not the act of just a few hackers. Although it is still speculation, some security experts believe that attacks on networks and leaks like this are part of a coordinated effort between hacker groups, which isn’t a common occurrence. The amount of effort, time, and resources required for an attack like what happened makes a recurrence extremely unlikely, especially with heightened security in the wake of the incident.

Federal lawmakers have stepped in to consider new standards. Even though new laws haven’t yet passed regarding additional measures, talk has begun about creating new standards in addition to current laws to protect PHI. This probably means new standards across the board – new training, hardware and software, and procedures.

Security measures will now be at the front of everyone’s minds. That means good ol’ Joe in accounting and his supervisors are probably going to be taking additional measures to protect their computers from infiltration on top of existing compliant measures, even if they don’t directly have access to sensitive information. Companies subject to HIPAA laws are going to be reinvesting in updated security measures so their networks don’t become the next big news story, and you can bet there will be no shortage of IT and security firms jumping to offer the newest and best protection technology. Their information is a consideration, too!

So in short: yes, there was a breach, and yes, it was bad. But the industry is now going to be bulking up measures beyond what they ever were, so you can bet your information will be even more safe than it was before the breach. Don’t fret!

Note: we are not affiliated with Anthem or their subsidiaries in any way and this post does not reflect their opinions. For more information about the breach, you can see Anthem’s website here: http://www.anthem.com