Healthcare organizations can learn important lessons from the proposed $115 million settlement in the breach lawsuit against health insurer Anthem, says Bill Fox, a former federal prosecutor.One of the key lessons emerging from the Anthem breach case, which impacted nearly 79 million individuals, is the need for more granular control of access to sensitive data, says Fox, who’s global chief technology officer of healthcare and life sciences at MarkLogic, a database software vendor.The breach shows the importance of access control because it stemmed from a phishing attack that exposed credentials, paving the way to access sensitive data on millions of individuals.”It seems as though Anthem did not have sufficient granularity in terms of internal access,” he notes in an interview with Information Security Media Group. “You constantly have to think in terms that there is no way to absolutely prevent a breach in any sort of operational business because you have to be sharing data – and people have to be working with that data and filling the functions of the business. But what many organizations – not just those in healthcare, but in other industries – lack is very, very granular access control.”

Source: Click here

Facebook Comments