by
Thomas Dworetzky, Contributing Reporter | June 28, 2017
There are a number of steps a company can take to protect against or deal with such a breach, Michelle Foster Earle, president of OmniSure Consulting Group,
told HCB News at the time.
One solution that could have prevented Anthem's breach is called "two-factor authentication," which requires the system administrator to use a personal device to verify their identity before they can use an administrator password to log into the system.
But sometimes a breach is inevitable, no matter what precautions are put into place. If a hospital or insurer is hit with a breach, Earle thinks the first thing they should do is stop the bleeding by shutting down access where possible, changing passwords and informing the authorities.
Next, they need to inform the public of the breach through social media, which is something Anthem did very well. The CEO of Anthem, Joseph Swedish, spoke out about both what they know and what they didn't know.
"[People] want to hear what's happening straight from the company they trusted," said Earle.
Earle recommended that all health care systems have a crisis management plan that includes cyber-breaches in place.
But the best risk management advice that she can give is to get cyber liability insurance, if you can't predict or control the breaches.
Back to HCB News
