Encryption Not a Black and White Approach

What Anthem did or did not encrypt has been a topic of conversation ever since news of its massive breach of customers’ personal information broke last week. It appears that, in compliance with the Health Insurance Portability and Accountability Act (HIPAA), which doesn’t explicitly require encryption of customer data, Anthem did not encrypt the breached data, and a company spokeswoman has said that even if it had, that wouldn’t have protected the data because the hacker had admin-level access, according to a piece in The Huffington Post.

Michael McQuinn, co-founder and CTO of Criterion 360, points out in a piece on DataInformed that the fact is, “there will always be something:”

Article by Kachina Shaw, managing editor for IT Business Edge