As many as 80 million customers of health insurance company Anthem Inc., have had their account information stolen. Hackers accessed information such as names, birthdays, medical IDs, Social Security numbers, street addresses, e-mail addresses and employment information. There is a black market for such information which places consumers at risk for identity theft.
The Affordable Care Act of 2010 (“ACA”) has been the subject of highly contested debates in the past few years. Opponents urging for limited funding and repeal. Proponents expressing the virtues of access to health care. Portions of the ACA are designed to supplement the protection of patient health information afforded by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Expanded and/or revised provisions include requirements that health care providers: develop operating rules for each HIPAA transaction; create a unique health plan identifier; health plan certification of compliance with standards and operating rules; and impose penalties for health plans that fail to comply.
Anthem representatives suggest that no actual medical information was stolen and contend the breach would not come under HIPAA rules. In any event, health care providers, large and small, need to develop and implement policies and procedures for securing patient health information. Otherwise, consumers can expect their data to go wild more frequently.