Anthem Pays $115 Million Settlement

Veriphyr proactively reports impermissible use of PHI the first time it happens.

 

Superlative Settlement

On August 16th, Anthem Inc. signed the check for the $115 million settlement of the class action lawsuit against them for their 2015 data breach (a). Lawyers say this is likely the largest settlement ever (b).

A large settlement appears fitting, however; Anthem is one of the largest insurers in the United States, and the personal health information (PHI) of 78.8 million people was exposed. Exposed data in this breach includes names, dates of birth, health insurance information, Social Security numbers, email addresses, and employment information (a, b).

 

The $115 Million

Initially after the breach, Anthem covered two years of credit monitoring services for everyone with exposed information. Included in the $115 million settlement is two additional years of monitoring and $50 cash payment for those who paid for credit monitoring out of pocket (a).

1.33 million people have submitted claims of the data breach costing them out of pocket, beyond credit monitoring. $15 million of the settlement money is available for those people to claim up to $10,000 each (a).

Anthem customers do not solely make up the 78.8 million people with exposed data. Customers of Anthem affiliates, such as Blue Cross Blue Shield are also at risk. In addition, employees of Anthem, including Anthem’s CEO Joseph Swedish, were at risk for cyber criminals using or selling their information (c).

 

Better Monitoring

The monitoring is necessary because medical records and other personal identification information is highly profitable on the black market.

Anthem has invested millions more into data security since the breach. Using advanced data analytics, Veriphyr proactively identifies privacy breaches the first time they occur, so patient’s data is not at high risk.

 

Sources

(a) HIPAA Journal – August 20, 2018

(b) Reuters – June 23, 2017

(c) CNN – February 6, 2015