[ Thursday, February 05, 2015 ]


Anthem Breach: By now you've heard of the latest huge data breach.  Just a reminder, PHI has value as a breach target on multiple fronts: direct theft of account numbers (particularly credit card numbers that can be used immediately), regular identity theft value (stealing SSNs to get credit cards or loans in the victim's name), medical identity theft (to pose as the victim and use up their insurance benefits), sensitivity/"hostage" value (to obtain information on particular individuals for extortive uses or to extort the covered entity), etc.  It appears that Anthem's credit card info was protected (probably in accordance with PCI standards), but the other PHI also has value.

Jeff [11:12 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template