Anthem refuses government security audit
HIM-HIPAA Insider, March 16, 2015
Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!
In the wake of the cyberattack that exposed the PHI of nearly 80 million current and former Anthem, Inc., subscribers, the health insurer is refusing to comply with requests for a security audit by the Office of Personnel Management’s (OPM) Inspector General, according to HealthData Management.
Anthem participates in the Federal Employees Health Benefits Program, which provides health benefits to civilian government employees and annuitants in the U.S. The OPM oversees this program and conducts vulnerability scans and configuration compliance audits of participants’ computer servers. Anthem refused the audit as it is against its corporate policy, HealthData Management reported.
In 2013, the OPM Office of the Inspector General attempted to audit Anthem, but the insurer implemented restrictions that prevented auditors from adequately testing the security of Anthem systems. The final 2013 report on Anthem (known as Wellpoint, Inc., at the time) states that the agency was unable to attest that the insurer’s servers were secure.
This article originally appeared on HCPro’s HIPAA Update blog. Stay up to date on all things HIPAA by signing up for e-mail updates from this blog.
Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!
Related Products
Most Popular
- Articles
-
- Don't forget the three checks in medication administration
- Nursing responsibilities for managing pain
- Complications from immobility by body system
- Q&A: Primary, principal, and secondary diagnoses
- The consequences of an incomplete medical record
- Practice the six rights of medication administration
- Neurological checks for head injuries
- Note similarities and differences between HCPCS, CPT® codes
- Skills of effective case managers
- Prevent dehydration with nursing interventions
- E-mailed
- Searched