Cyber attack raises questions about health information security
A major breach in data at Anthem Inc — a health care company — is raising questions about the security of data across the industry. A Rochester cyber security specialist weighed-in on the implications of this latest incident which has compromise the personal data of 80 million people.
Initial reports from Anthem say the breach didn’t put medical records of current members and former members at risk, but other identifying data (such as names, birthdays, and social security numbers) were exposed.
Andy Meneely, assistant professor of software engineering at the Rochester Institute of Technology, said the fact that the hackers only got one sort of information could actually be, relatively speaking, a positive thing.
"Designing the system so that you have data in different places for security reasons is a good thing in my opinion," he said.
According to Meneely, security concerns are one of the main reasons why the healthcare sector has been slow to digitize.
"Certainly, if you look at healthcare and you compare it to most of the other parts of our lives, health care is of the least digitized other parts of our lives. However, one of the reasons for that is that medical records if they're disclosed, you can't unring that bell," said Meneely
New York health insurers do not appear to be affected by the breach at Anthem, but the company is investigating whether the data of members covered by other insurers’ was breached.
Excellus, which is an independent Blue Cross Blue Shield company, said in a statement that it’s closely monitoring the situation.