Horizon Blue Cross Blue Shield suffers major data breach

Dec 10th, 2013 / Category: Managed File Transfer

The threat of a data breach is enough to give many healthcare executives nightmares. The industry features some of the toughest compliance regulations available, and organizations that undergo a data breach will likely face a difficult investigation, one which will quite possibly culminate in fines and other serious penalties. This reality has motivated many hospitals, doctors' offices and clinics to upgrade their data protection by investing in high-grade secure file transfer solutions and other cybersecurity tools.

However, despite the growing awareness of the need to effectively protect patient and employee information, many healthcare providers have yet to take sufficient steps in this direction. And in some cases, this failure has led to serious incidents.

The most recent example of this trend can be found in New Jersey, where Horizon Blue Blue Shield recently revealed that a theft has caused a major data breach.

Encryption issue
The breach occurred when a pair of company laptops were stolen from Horizon's Newark office a little more than one month ago. These computers were password-protected, but not encrypted, meaning that it is very possible that the information they contained could be accessed by unauthorized personnel. This data includes individuals' names, addresses, dates of birth and, in some cases, Social Security numbers and clinical information.

According to Horizon, it is currently unknown whether this data has actually been accessed. A company spokesperson said that Horizon does not believe the computers were stolen for the sake of gaining this information, nor that it has been used for identity theft or fraud.

However, the company, in compliance with relevant regulations, has informed all of those members who may have potentially been affected by the theft - more than 839,000 people in total. Those who may have had their Social Security numbers exposed will also be offered free identity theft protection and credit monitoring, courtesy of Horizon.

Additionally, Horizon indicated that it will take steps to strengthen its overall data protection efforts, including a renewed commitment to encrypting potentially sensitive information.

The Star-Ledger noted that this is not the first time that Horizon Blue Cross Blue Shield has experienced a data breach following a laptop theft. A similar incident occurred in 2008, which forced the organization to contact approximately 300,000 potentially affected members.

File sharing solutions
As these incidents demonstrate, healthcare providers and insurers need to be extremely cautious when handling sensitive patient information. This is a major challenge, due to both the ever-increasing amount of data collected and the need to share this information with healthcare professionals and partner organizations.

In addition to utilizing advanced encryption technology, firms should also embrace high-end secure file transfer solutions. These tools ensure that all data remains safe and protected while in transit, which is often when the data is most vulnerable. This allows healthcare professionals to offer the best possible treatment without compromising information integrity.