By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
    Health
    Healthcare organizations are operating on slimmer profit margins than ever. One report in August showed that they are even lower than the beginning of the…
    Show More
    Top News
    stress management for healthcare workers
    3 Tips For Healthcare Professionals: How To Stay Beautiful, Healthy, and Happy
    November 2, 2021
    importance of relaxing on the weekend for your health
    Importance of Relaxing During the Weekend for Optimal Health
    March 25, 2022
    LASIK Eye Surgery
    What Is LASIK Eye Surgery?
    May 16, 2022
    Latest News
    Beyond Nutrition: Everyday Foods That Support Whole-Body Health
    June 15, 2025
    The Wide-Ranging Benefits of Magnesium Supplements
    June 11, 2025
    The Best Home Remedies for Migraines
    June 5, 2025
    The Hidden Impact Of Stress On Your Body’s Alignment And Balance
    May 22, 2025
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
    Policy and Law
    Get the latest updates about Insurance policies and Laws in the Healthcare industry for different geographical locations.
    Show More
    Top News
    The PCMH and Home Care Data: An Interview with Melissa McCormack
    December 19, 2013
    IT Strategy for Health Plans: Interview with ikaSystems CEO Joe Marabito
    August 11, 2014
    A New Kind of Stress Test
    May 26, 2015
    Latest News
    Let Your Lawyer Handle the Work Before You Pay Medical Costs
    July 6, 2025
    Top HIPAA-Compliant Messaging Apps for Healthcare Teams
    June 25, 2025
    When Healthcare Ends, the Legal Process Begins: What Families Should Know About Probate and Medical Estates
    June 20, 2025
    Preventing Contamination In Healthcare Facilities Starts With Hygiene
    June 15, 2025
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: Lessons from the Anthem Breach
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > eHealth > Medical Records > Lessons from the Anthem Breach
BusinesseHealthMedical RecordsPolicy & LawTechnology

Lessons from the Anthem Breach

David Harlow
David Harlow
Share
0 Min Read
SHARE

King_Henry_V_at_the_Battle_of_Agincourt,_1<p><a class=King_Henry_V_at_the_Battle_of_Agincourt,_1415

Anthem experienced a major data breach last week, and reportedly some records (Social Security Numbers and other identifying information, but not health data) of up to 80 million members and employees were obtained by hackers.

There is much to be said (and much has already been said) about the need for privacy and security and protections in the case of Anthem, just as “helpful hints” have been provided after the fact to victims of all significant data breaches. My reaction, when reading about the unencrypted SSNs that were accessed in this attack, was: Why in the world are we using social security numbers as ID numbers? It doesn’t have to be this way.

The social security number is the only universal unique identifier we have at our disposal in this country. It’s easy to ask for, and to use, but … it’s not supposed to be used for anything other than administration of Social Security benefits. Until not all that long ago, states used SSNs as driver’s license numbers. No longer (at least around these parts). Most of us get asked for the last 4 (or 5 or 6) digits of our SSNs constantly for all kinds of reasons. How many of us refuse every time?

More Read

rockies venture
Health Startups: Rockies Venture Club Nurtures Denver’s Ecosystem
Chantix Under Fire
Turn Your Medical Device’s User Manual into an Online Marketing Tool
Nurse Care Lines: Wait a minute, I Thought You Were the Expert?
The Risk of Concussions in Contact Sports

Way back in 1998, as folks were trying to figure out how to implement HIPAA, the question arose: Gee, why don’t we establish a unique patient identifier system so that we can be assured that each electronic health record is properly tied to the right individual? (Check out this vintage HHS white paper on the Unique Health Identifier, published as prologue to a rulemaking process that never went anywhere.)  Eventually, that approach was taken for providers (UPIN, then NPI), but not for patients. In fact, every year since then, Congress has included a special line in the HHS budget that says Thou Shalt Not establish a unique patient identifier system.

This approach has spawned a sub-industry that scrubs data sets to ensure that an individual patient doesn’t have duplicate records, each including only a part of the whole, by triangulating from all the data points used to perpetrate identity theft: SSN, DOB, name, address, etc. All those data points are needed in order to make sure that we’re talking about the right Mr. Jones. If the only identifier attached to the health data were the patient ID number, then health records would suddenly become much less valuable to identity thieves — and it would be easier to determine which record belongs to whom.

Using patient ID numbers (which could be encrypted and thus protected — because, after all, who wants to get a new patient ID number? Getting a new credit card number after some system or other gets hacked is bad enough, and remember, you can’t get a new SSN just because your health records have been hacked) would be one element of a data minimization approach designed to lessen the likelihood of damage resulting from a breach. Couple that with the auditing capabilities that allowed Anthem to notice its breach in short order (vs. some breaches which were exploited over the course of years before anybody noticed), and we’d be looking at some real improvements to health data security.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting 

TAGGED:security
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

9 Lifestyle Tweaks That Can Add Years to Your Life
9 Healthcare Lifestyle Tweaks That can Add Years to Your Life
lifestyle
July 11, 2025
car accident lawsuit
Let Your Lawyer Handle the Work Before You Pay Medical Costs
Policy & Law
July 6, 2025
women dental care
What Is a Smile Makeover and How Much Does It Cost?
Dental health
June 30, 2025
HIPAA-Compliant Messaging Apps
Top HIPAA-Compliant Messaging Apps for Healthcare Teams
Global Healthcare Policy & Law Technology
June 25, 2025

You Might also Like

pulsepoint
eHealthMedical DevicesMobile HealthTechnology

Crowdsourcing Citizen Superheroes

January 16, 2015

How Twitter Can Bolster Your Healthcare Search Marketing Game

February 9, 2015
doctor/patient relationship
Health ReformMedical Education

Patient Satisfaction and P4P – Three Things Doctors Need to Know

February 11, 2013
Public Health

A U.S. Marine’s Gift to a Doctor

July 15, 2013
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?