Each stolen medical record costs up to $20 – twenty times more than the credit card data. Such information can be used for identity theft, fraud, and blackmail. That’s why anyone who wants to develop software for the US healthcare has to face Health Insurance Portability and Accountability Act (HIPAA).

Among other things, HIPAA protects the patients’ health information.

Anthem, the largest US insurance company, had to learn this the hard way.

What started with a simple phishing email, has led to the biggest healthcare data breach in history. The hackers stole the data of 79 million patients. The information included their names, social security numbers, and medical IDs.

The enraged patients had sued Anthem and won a $115 million settlement. Although the company avoided the regulator’s fines, it would have to spend up to $260 million to improve its security.

HHS Office for Civil Rights (OCR) oversees the HIPAA compliance. In 2017 alone it has fined the US health care providers for almost $20 million.

Read more...