John Commins reports: Anthem Inc. faces hefty costs to repair the massive security breach that may have compromised the personal records of 80 million people. The extent of that liability could depend upon what safeguards the health plan had in place, and how it responds to the concerns of customers and federal regulators, industry observers say. Given…
Category: Uncategorized
FAQs by Employers Regarding the Anthem Breach
Theodore J. Kobus III and Lynn Sessions answer some of the questions employers are likely to ask about their responsibilities in light of the Anthem breach. I’m pleased to note that they also addressed the error I saw in all-too-many media reports that claimed that this wasn’t a HIPAA breach. They write: The media is…
Ohio man charged with Medicaid fraud and identity theft
Alabama Attorney General Luther Strange announced the arrest of Darnell Davon Nash, 30, of Cleveland, Ohio, on sixty-nine counts of filing false claims with the Alabama Medicaid Agency and one count of trafficking in stolen identities. The Attorney General’s Medicaid Fraud Control Unit presented evidence to the August 2014 term of the Montgomery County grand…
Anthem Alerts Consumers to Protect Themselves from Phishing Emails
Some people are already receiving phishing emails, it seems. Anthem has issued the following press release in response: INDIANAPOLIS–(BUSINESS WIRE)–Feb. 6, 2015– Individuals who may have been impacted by the cyber attack against Anthem, should be aware of scam email campaigns targeting current and former Anthem members. These scams, designed to capture personal information (known…
FTC Approves Final Orders In PaymentsMD Privacy Case
After a public comment period, the Federal Trade Commission has approved final orders resolving complaints that PaymentsMD, LLC and its former CEO, Michael C. Hughes, violated consumers’ privacy by collecting personal medical information without their consent. The settlements were first announced in December, 2014. In its complaints, the FTC alleged that Payments MD and Hughes altered the signup…
How do I alert thee? Let me count the ways that don't work – UK edition (updated)
On February 2nd, I blogged: … I spent some time yesterday trying to locate a contact email for the NHS to alert them that a hacker had dumped a list of vulnerabilities in NHS sites that hackers could exploit. Failing to find any central contact for reporting infosecurity concerns or breaches, I tweeted an inquiry as…