[ Thursday, February 05, 2015 ]
Jeff [11:12 AM]
By now you've heard of the latest huge data breach
. Just a reminder, PHI has value as a breach target on multiple fronts: direct theft of account numbers (particularly credit card numbers that can be used immediately), regular identity theft value (stealing SSNs to get credit cards or loans in the victim's name), medical identity theft (to pose as the victim and use up their insurance benefits), sensitivity/"hostage" value (to obtain information on particular individuals for extortive uses or to extort the covered entity), etc. It appears that Anthem's credit card info was protected (probably in accordance with PCI standards), but the other PHI also has value.
Blogger: HIPAA Blog - Edit your Template