Healthcare News & Insights

What the Premera breach can teach hospitals

Another major industry payor announced a massive data breach affecting millions of people — and there are important lessons hospitals can take away from the incident. 

491731145Earlier this week Premera Blue, an insurance carrier based in Washington, announced it had experienced a huge cyberattack by unknown hackers.

Though the exact number hasn’t been released yet, it’s believed the breach affected more than 11 million customers. That makes it the second biggest data breach in the history of health care, following the Anthem breach earlier this year.

So what happened at Premera and what can providers learn from the incident?

Breach details

As Modern Healthcare reports, Premera first noticed the breach in late January. The attack affected current and former members of Premera Blue Cross, Premera Blue Cross and Blue Shield of Alaska and several of Premera’s vendors.

An investigation later revealed the initial attack actually occurred sometime in early May of 2014 but had gone unnoticed for several months.

Hackers were able to access patients’ protected health information (PHI) dating back to 2002, including:

  • names
  • birth dates
  • phone numbers
  • bank account information
  • claims data and clinical information
  • email and mailing addresses
  • member identification numbers, and
  • social security numbers.

The investigation into the breach is still ongoing, so it’s not clear yet how much damage has been done.

Mac McMillan, a cybersecurity expert and founder of the health IT consulting firm CynergisTek, believes its possible that the hackers weren’t just out to steal valuable healthcare data, but may also have been planting bots in Premera’s system to facilitate other cyberattacks.

Lessons for other providers

Unfortunately, due to the ever-changing nature of cybersecurity and evolving cyberthreats, there’s no such thing as a 100% unbreachable system.

That means it’s just as important that facilities understand how to respond in the event of a breach as it is to know what steps to take to prevent breaches in the first place.

So if nothing else, the Premera breach gives some important lessons to the rest of the industry about how to act in the aftermath of a breach.

For starters, Premera immediately contacted state and federal agencies to inform them of the attack. It also began working with cybersecurity consultants to investigate the source of the breach, and remove any viruses or controls the hackers may have left in the system.

In addition to sending out notification letters to affected customers, Premera also established a call center and website dedicated to keep people informed of investigation results and what further steps Premera is taking to prevent further damage.

For example, although it doesn’t appear that any of the stolen PHI has been used inappropriately yet, Premera is still offering affected customers two years of free credit monitoring.

Hospital leaders should take a leaf out of Premera’s book and develop similar breach response plans at their facilities. Response plans should include details like who will be informed of the breach and when, as well as what damage control steps you’ll take to protect patients and correct system weaknesses.

And given how common data breaches are becoming, now may also be a good time to update or purchase cyberliability insurance to help cover breach-related expenses.

Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.