States to Investigate Premera Data Breach | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

States to Investigate Premera Data Breach

March 26, 2015
by Rajiv Leventhal
| Reprints

Insurance commissioners from multiple states are teaming up to investigate the massive data breach of health insurer Premera.

The breach, which initially occurred on May 5, 2014, but was not detected until Jan. 29, 2015, affected 11 million of the insurer’s customers. It was recently revealed by a report from the U.S. Office of Personnel Management's Office of the Inspector General that Premera was warned that its data protection practices were not up to industry standards right before it was victimized by the major cyber attack.

Now, insurance commissioners in Washington state, Alaska, and Oregon are launching an investigation to examine to look into operations at Premera, based in Mountlake Terrace, Wash. Washington state will lead the market conduct exam. Other states impacted by the ‘Blue Card’ system—Premera’s national provider network—could also join the exam team.

“We take the recent cyberattack at Premera very seriously,” said Mike Kreidler, Washington state insurance commissioner. “Insurance regulators across the country are on high alert given the recent breaches both at Premera and Anthem and we will use every resource within our authority to ensure that consumers are protected and to see that insurers are responding appropriately.”

Market conduct exams involve multiple states and are on-site reviews of an insurer’s financial books, records, transactions and how they relate to a company’s activities in the marketplace. The final market conduct report will be made available to the public; no date exists yet for completion of the exam. Depending on the complexity, exams can take several months to more than a year to complete.

Topics

News

Community Data Sharing: Eight Recommendations From San Diego

A learning guide focuses on San Diego’s experience in building a community health information exchange and the realities of embarking on a broad community collaboration to achieve better data sharing.

HealthlinkNY’s Galanis to Step Down as CEO

Christina Galanis, who has served as president and CEO of HealthlinkNY for the past 13 years, will leave her position at the end of the year.

Email-Related Cyber Attacks a Top Concern for Providers

U.S. healthcare providers overwhelmingly rank email as the top source of a potential data breach, according to new research from email and data security company Mimecast and conducted by HIMSS Analytics.

Former Health IT Head in San Diego County Charged with Defrauding Provider out of $800K

The ex-health IT director at North County Health Services, a San Diego County-based healthcare service provider, has been charged with spearheading fraudulent operations that cost the organization $800,000.

Allscripts Touts 1 Billion API Shares in 2017

Officials from Chicago-based health IT vendor Allscripts have attested that the company has reached a new milestone— one billion application programming interface (API) data exchange transactions in 2017.

Dignity Health, CHI Merging to Form New Catholic Health System

Catholic Health Initiatives (CHI), based in Englewood, Colorado, and San Francisco-based Dignity Health officially announced they are merging and have signed a definitive agreement to combine ministries and create a new, nonprofit Catholic health system.