Close Close
Sign In
Newsletters
Popular Financial Topics Discover relevant content from across the suite of ALM legal publications From the Industry More content from ThinkAdvisor and select sponsors Investment Advisor Issue Gallery Read digital editions of Investment Advisor Magazine Tax Facts Get clear, current, and reliable answers to pressing tax questions
Luminaries Awards
Podcast Center Video Center Webcasts Resource Center Events
About ThinkAdvisor Contact Us Advertise With Us Asset & Logo Licensing Sitemap Terms of Service Privacy Policy Copyright © 2024 ALM Global, LLC. All Rights Reserved.
ThinkAdvisor

Life Health > Health Insurance > Health Insurance

White House urges fast action on data breaches after Anthem hack

By Annie Linskey and Mike Dorning

X
Your article was successfully shared with the contacts you provided.

(Bloomberg) — President Barack Obama’s top advisers urged Congress to act quickly to strengthen consumer data protections after the security breach at Anthem Inc. (NYSE:ANTM).

“Hardly a week goes by when the problem is not on the front pages of the newspapers,” John Podesta, counselor to Obama, said in a conference call with reporters promoting White House data protection proposals. “With each breach there is more need” for the legislation, he added.

Anthem, the second biggest U.S. health insurer by market value, disclosed that hackers obtained names, birth dates, Social Security numbers, street and e-mail addresses and income data on tens of millions of current and former customers. The attack underscores the need for “a single national standard to protect consumers from data breaches,” Podesta said.

Obama last month proposed legislation that would establish a standard for notifying customers of breaches and another measure that would bar student data from being used for non-educational purposes.

The administration also plans to push for enactment of its Consumer Privacy Bill of Rights, which lays out principles for online data collection. The White House will release draft legislation soon, according to a progress report issued by the White House.

The bill would require companies to notify victims of data theft within within 30 days, Podesta said.

“Anthem did do that,” he said.

Health information privacy and data security are already governed by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009.

Best practices

Anthem is “operating in a realm of best practices,” Podesta said. “They are in that zone. What we want to see is both a constant application and a high set of standards.”

Multinational companies including Sony Pictures Entertainment and JPMorgan Chase & Co. have been among high-profile companies grappling with hackers.

Anthem, formerly known as WellPoint, didn’t provide information on how the hacking occurred or when it was discovered.

The Anthem attack is the biggest in the health care industry since Chinese hackers stole Social Security numbers, names and address from 4.5 million patients of Community Health Systems Inc., the second-largest for-profit hospital chain, last year. These events are on a similar scale to hacks of customer data from Target Corp. and Home Depot Inc. last year in terms of the number of people affected.

Anthem will notify customers who were affected and provide credit and identify-theft monitoring services for free, Chief Executive Officer Joseph Swedish said in a letter to customers.

“As soon as we learned about the attack, we immediately made every effort to close the security vulnerability, contacted the FBI and began fully cooperating with their investigation,” Anthem said.

—With assistance from Crayton Harrison in New York and Jordan Robertson in Washington.

NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.