Insurers among potential targets of data breaches, organization warns
"It can be nearly impossible for an organization to have sufficient protection of personally identifiable information," said the International Association of Industrial Accident Boards and Commissions. "Hackers continue to find new and inventive ways to access this information."
The organization has created a Web page on personally identifiable information to post updates, news, and discussions. It followed a request from Utah officials, who cited two recent data breaches.
The Utah Department of Workforce Services was the target of a scheme in 2010 that saw data illegally used to create a list of 1,300 persons, including Social Security numbers, names, birth dates, addresses, and phone numbers. The information was sent to news media and law enforcement, purporting the list to be of illegal immigrants. It was later determined to be the work of DWS employees. The Labor Commission subsequently enhanced computer security measures within the state's systems that mask all but the last four digits of Social Security numbers in printing or exporting functions.
Several months ago, Medicaid data was hacked, compromising approximately 780,000 Utahans' sensitive information. The Department of Health and Administrative Services is preparing a report for the U.S. Department of Health and Human Services on its assessment of potential violations of HIPAA.
"Jurisdictional agencies, as well as private sector organizations such as carriers, are all potential targets for these activities," the IAIABC said. "The industry as a whole must come together to develop and implement strategies that ensure personally identifiable information is protected."
Read more at the WorkersComp Forum homepage.
June 21, 2012
Copyright 2012© LRP Publications