The National Association of Insurance Commissioners say 18 member states have agreed to participate in a multistate settlement with Anthem Inc. in connection with the data breach revealed in February 2015.
Related: Senators demand Anthem hasten notifications on data breach
The Kansas City, Missouri-based regulator group says the list of states approving the deal includes Indiana, the Indianapolis-based company’s home state, and California.
All 56 NAIC jurisdictions participated in a targeted market conduct and financial examination, to look at Anthem’s state of preparedness before the breach, its response, the adequacy of post-breach mitigation measures, and the thoroughness of efforts to find the people who breached the data, officials say.
Officials say the settlement includes a requirement that Anthem improve its data security safeguards and a requirement for a special credit protection program for the children affected by the breach.