Mitigating disaster risk and downtime for hospitals

In July 2018, Blount Memorial Hospital in Tennessee had a nightmare experience. Their electronic health records (EHR) system was offline for three days. During that time, 90 doctors were unable to access patient records.

Appointments were canceled. People didn’t receive care.

When the whole thing was said and done, the hospital’s board of directors made the decision to invest in a $30,000 backup system to ensure nothing like that would ever happen again.

What’s at risk

Hospitals and other medical services businesses are in a unique position when it comes to disaster recovery and downtime readiness. This isn’t just a matter of lost profits, damage to your reputation, or inconvenience for your employees and customers. The health and wellness of people are at stake.

As a result, every kind of medical services provider has an obligation to go above and beyond to mitigate the risk of downtime and prepare for possible disasters.

Practical measures

In advising these businesses about disaster recovery, the core of our standard advice is the same for hospitals, physician practices and other medical businesses. Prepare. Don’t just wait for disaster to strike. Have a plan.

When it comes to the medical industry, there are specific forms of preparation that are uniquely important. Below are some of the things medical providers should do to lower the risk of downtime and prepare for outages.

Expect downtime

First and foremost, let go of any expectation that downtime won’t happen to you. Your hospital isn’t exempt. Your office isn’t the exception. Downtime happens to just about every business. It can (and will) happen to yours.

That’s an important step in preparation because you won’t take a disaster recovery and downtime plan seriously if you think you’ll never have to use it.

Create a communications plan

A communications plan is essential for any disaster recovery plan. Your doctors and staff need to know whom to contact, how communications will be conducted, which channels will be used for what purpose, and what communication activity is most essential in the event of downtime.

Be specific. Spell out exactly who should be in contact with whom, and make sure everyone knows the plan well ahead of time. Update it when you have changes in your system, your policies and in your personnel, if appropriate.

Develop a downtime toolkit

Downtime toolkits “contain paper copies of clinical documents and procedures to follow when their EHR is not available.” A downtime toolkit may also include a read-only database of patient records as an emergency backup system.

This is a critical resource, but one that absolutely requires the help of an IT consultant. A doctor’s office that deals in non-emergency care may not need a full downtime toolkit, but every hospital should have some kind of system for continuing to provide healthcare, even if the entire local network goes offline.

Consider an on-site fallback generator

On-site generators can help in situations where a power outage is to blame for downtime. However, power outages are only one of several things that can take an IT network offline. While an on-site generator certainly makes sense (particularly for critical care facilities), this alone will not protect your hospital from every form of downtime.

Perform downtime drills

EHR simulation drills will give you an idea of how prepared your hospital’s staff are, and they will give your staff a chance to understand and experience what to expect when the real thing strikes.

As a recent article in EHR Intelligence notes, “Strategizing to fill gaps in care that crop up during EHR downtime simulations can help to reduce the risk of slowdowns, delays, threats to patient harm, or billing problems during real instances of EHR downtime.”

Enlist some help

Finally, no hospital should be without professional help when it comes to downtime readiness and a disaster recovery plan. If your in-house IT department isn’t fully prepared to take on this crucial task, find an IT consultant with experience supporting the healthcare industry to help you and your team.

With the right preparation, downtime won’t stop your hospital or medical practice from providing the care your patients rely on.

What can Office 365 bring to health care?

Microsoft has constantly been at the front of enterprise IT innovation, and for good reason. The company has a large suite of services that can help companies achieve their full efficiency potential, with perhaps the most important of these being Office 365. The Office collection of productivity tools has been a mainstay in the business world for decades, and the latest iteration is no different.

That said, certain industries like health care are hesitant to make a move on newer technologies. Medical facilities often have a very specific way of doing things, and changing up the regular routine can seem to be extremely disruptive. However, this couldn’t be further from the truth. Office 365 has a host of benefits for those working within this sector that simply cannot be ignored.

Incredible security

“When it comes to health care IT, the most important factor to consider is security.”

Of course, when it comes to health care IT, the most important factor to consider is security. Medical records carry a host of personally identifiable information, and if that data is compromised, it could lead to stolen identities or worse. In fact, this is such a huge issue that the federal government passed the Health Insurance Portability and Accountability Act.

HIPAA is regulatory legislation that governs how medical facilities can handle patient information. It’s basically designed to harshly penalize any actions that could lead to a breach. What’s more, a violation doesn’t have to be malicious or negligent. HIPAA Journal reported that a hospital can violate a rule completely by accident and still be liable for payments of up to $50,000 per incident.

With so much on the line, it’s no wonder that so many health care administrators are hesitant to change their current IT routine. What’s more, this fear of change has even generated the rumor that Office 365 cannot meet the security needs of a modern medical organization. Of course, this simply isn’t true.

Office 365 actually has more stringent standards than many other tools on the market, and we firmly stand behind the statement that you couldn’t build a more secure environment. Hospitals looking to improve security measures can seriously benefit from an Office 365 deployment.

Lower upfront costs

Outside of security, many medical facilities also have to deal with the constraint of tight budgets for the IT department. Running something like a hospital is incredibly expensive. Between the salaries for highly-trained professionals and the ever-increasing reliance on costly equipment, health care institutions just don’t have a lot of wiggle room when it comes to the technology solutions they use.

This is yet another area where Office 365 can help out. This suite of tools doesn’t require any pricey upfront costs, instead relying on a reasonable monthly fee. This allows organizations to make the switch to Office 365 without having to allocate a huge amount of money toward the venture right from the start.

Less maintenance work for IT departments

Another problem most health care organizations have to deal with is an overworked staff. Just about every department in a hospital is overrun with important tasks, but IT is very often one of the most strained departments in any medical facility. In fact, the 2014 HIMSS Workforce Survey found that 84 percent of these institutions had hired an IT worker in the past year, showing that there is an almost constant demand for experienced technology professionals.

Those in IT are often stressed. IT workers are very often overworked.

Clearly, hospital IT departments have a very full schedule, and performing general maintenance on productivity tools is just another fire to put out. This is where working with an outside partner to develop an Office 365 solution comes into play. ISG Technology professionals can manage these issues for your organization, freeing up employees to work on internal projects.

However, it’s important to note here that such a deployment isn’t a threat to anybody’s job. ISG Technology doesn’t want to downsize your IT department, we want to help it crawl out from under the mountain of maintenance problems they have to deal with. Our IT experts are trained to make your life easier, so contact us today and find out what an Office 365 solution from ISG Technology can do for your business.

What can health care get out of data mining?

Data is being created and stored at a rate unparalleled by any other time in human history. As such, the analysis of this information in order to discover trends has never been as important as it is now. This is especially true within health care, an industry that quite literally deals with life-or-death situations on a daily basis. Mining the data created by both patients and medical professionals has major implications for the field.

With that said, what can health care facilities get out of data mining, and what challenges stand in the way of this trend?

Efficiency while still being effective

As with most other industries, the main benefits of proper data mining are increases in both efficiency and client satisfaction. Knowing how consumers act and what they do can help employees better service them, while also decreasing time spent in areas that aren’t as productive. In health care, a good example of this is the mining of Medicaid data by the Wyoming Department of Health.

Officials from this agency decided that they were spending too much money on certain payments, and worked with Xerox to properly analyze the information they had been collecting for some time. This mining proved fruitful in many areas, but the most important one was emergency room visits. The analysis revealed that there was a sizeable portion of Medicaid patients that were going to the ER more than 10 times per year, according to Healthcare IT News contributor Erin McCann.

ER doctors are very busy and don't have time to deal with repeat visitors. Having too many people in the ER is a waste of time and resources.

Two or three trips to the ER is just a bad year, but more than 10 visits means that something has gone wrong. This prompted Wyoming Medicaid employees to call these patients, verifying their status and taking steps to increase their level of personal care at home. The state also instituted a 24/7 nurse hotline to allow Medicaid patients to call in for medical help rather than going to the hospital. This enabled Wyoming to lower the costs of Medicaid ER visits by more than 20 percent, showing just how effective proper health care data mining can be.

The human element is the main disadvantage

“One of the biggest snags data mining has run into is human error.”

As it always is with technological innovations, one of the biggest snags data mining has run into is human error. Something as simple as accidentally including an extra data set due to sleep deprivation can have a major impact on the usefulness of the analysis. In fact, this problem is so apparent that an entire scientific paper sponsored by the Systems, Man, and Cybernetics Society was written on the subject.

The report – which was co-authored by Cheng-Jhe Lin, Changxu Wu and Wanpracha A. Chaovalitwongse – stated that researchers wishing to do away with human error must take a two-pronged approach. First, officials must take a top-down approach for implementing behavior modeling. These administrators must show employees what is expected of them if they ever hope to properly mine data. After this, analysts must take a bottom-up approach in order to determine who is making the most errors, as well as how many mistakes each person will most likely make in the future.

Data mining may have some hurdles to overcome in terms of human error, but this certainly won’t stop the process from continuing to work its way into health care. The medical industry is all about efficiency, and proper analysis of big data sets can help doctors and nurses improve patient care. What’s more, as the Wyoming Medicaid example shows, data mining can also help administrators determine where resources and time are being wasted, therefore giving them the ability to make changes to improve overall productivity.

How ISG handles HIPAA compliance

Health care data is heavily monitored in the U.S. The Health Insurance Portability and Accountability Act has very strict regulatory standards about how this kind of information can be handled. One wrong decision could result in some hefty fines, even if the person or organization didn’t know they were making a mistake. The American Medical Association has stated that even accidentally violating HIPAA could cost a medical facility up to $50,000 per violation.

Clearly, making a mistake when handling medical records isn’t an option, which is why ISG Technology works with health care providers to ensure they don’t stumble. But what exactly can ISG do for you?

“Accidentally violating HIPAA could cost a medical facility up to $50,000 per violation.”

Issues with security aren’t always apparent

The main advantage of partnering with ISG is that we can help you get ready for an actual HIPAA compliance audit by zeroing in on problems you might not even notice.

One of the main issues our engineers run into when assessing a hospital’s network is the fact that security credentials often aren’t taken as seriously as they should be. Basically, employees who only need to view certain kinds of data are often able to access information they shouldn’t be able to see. In an average hospital network, only about two or three employees should be given admin privileges. However, ISG experts often come into an assessment and find that 100 workers in a 700-user system will have domain admin accounts.

This is a problem because it creates a huge number of entry points for a hacker who can socially engineer her way into accessing one of these accounts. According to past experience recounted by security firm Social-Engineer, more than two-thirds of employees will provide a stranger with their information such as their birthday, Social Security number or their personal employee ID. A hacker could easily call into this hospital and use this information to trick a staff member into giving them login credentials to an admin account, thereby allowing the criminal free reign over a network.

Hackers use social engineering to get data. Sometimes, accessing private information is as easy as asking for it.

ISG can help you fix these problems and pass an audit

HIPAA audits are extremely comprehensive, and getting a perfect score is next to impossible. In fact, as the above example shows, health care facilities often have numerous issues that they don’t even know about, which can decrease an organization’s standing if an auditor were to discover these problems.

ISG can help these facilities decrease the number of red flags to a manageable and reasonable number, thereby increasing the chances of passing an inspection. Health care data is extremely private, and ensuring its safety should be a top priority.

Join the ISG Technology Team

ISG Empowers Full-Service Radiology Practice

Industry: Healthcare

As a client service-oriented radiology practice in Missouri, Advanced Radiology was feeling the pain. “Stability and speed are crucial to our ability to provide services to our patients and their physicians,” says James Aldridge, Director of Radiology for the company. “We had reached a point where our existing infrastructure would inhibit our growth unless we invested a significant amount of capital into a dozen new servers, storage devices and software.”

“ISG helped us implement a major network upgrade with virtual servers in a secure underground environment.”

James Aldridge, Director of Radiology, Advanced Radiology


Many businesses serving the healthcare industry are experiencing similar challenges. With new, rapid technological growth mandates, there’s a constant need for providers to upgrade to newer equipment and software. “The cost of equipment and the rate of change can cause not only an increase in capital expense, but a human expense in terms of training and time,” says Matt Jost, ISG account executive. “Technology has become a consuming factor for many healthcare providers, and that can distract from their core business focus.”

To help Advanced Radiology break through their barriers, ISG was able to test and evaluate their systems and propose different scenarios. “ISG’s knowledge and flexibility allowed us to tailor a solution that fit our budget and address each of our unique challenges,” says Aldridge. To start things off, ISG performed a complete network evaluation to determine best practices for the environment, taking the human element into consideration along with power, cooling, physical space and regulatory restrictions.


Based on the results of this evaluation, and the necessary requirements to meet the client’s business goals, ISG proposed two solutions. “One was to build out an internal data center with a virtual infrastructure,” says Jost. “The second was to reduce capital costs by migrating their IT infrastructure toward the ISG Data Center Service.”

“ISG helped us implement a major network upgrade with virtual servers in a secure underground environment, all connected to dual fiber rings, with a solid disaster recovery plan,” says Aldridge. “During this transition, we experienced very little downtime. They were able to simplify our backup process and help tighten our security.”


The results were better than either ISG or Advanced Radiology could have hoped for. In addition to the improved reliability and the elimination of outages, ISG’s Data Center Service has provided the client with additional flexibility for virtual assets. It’s also enabled migrations to new and more productive software solutions, minus the downtime.

“Advanced Radiology has a newfound agility thanks to the ISG Data Center,” says Jost. “They can add users, servers or other virtual assets within minutes,” he says, “and all without making a capital expenditure.”

The client couldn’t agree more. “ISG was able to update us to newer server technology, including both hardware and software,” says Aldridge. “With a newer operating system implementation, we were able to speed up our networks. ISG has been instrumental in our ability to continue our growth and migrate into newer systems.”

Are you interested in learning more about how switching to ISG’s Data Center Services could help your business thrive? Contact your ISG representative today.

IT infrastructure challenges: Big data in healthcare

One of the most common issues within the medical industry is deciding how to manage all of the data being generated on a near-constant basis. The amount of information created by hospitals and health clinics is astounding and isn’t going to slow down anytime soon.

In general, big data is increasing at an accelerated rate across every industry. The IDC predicted in November 2015 that by 2019, spending on big data infrastructure and services would reach a total value of 48.6 billion, growing at a compound annual rate of 23 percent. This is a clear indication that organizations are learning that they need specific tools to measure and analyze the data they collect.

What is all of this information being used for? Let’s take an in-depth look at how the healthcare industry tackles big data:

“Data provides a good foundation for making value-based decisions.”

Value-based purchasing

Big data is helping the medical industry make better decisions about what tools are going to help patients the most. According to HealthcareITNews, the Affordable Care Act has created an incentive for hospitals to prove their value – but how to do that? Data, it turns out, is providing a good foundation for making these value-based decisions.

The value of pharmaceutical and medical devices can be quantified by determining how these tools are being used to help patients. For instance, an organization can measure quality-adjusted life years.

“At its core, big data is about massive amounts of electronic patient information that can be mined to yield tailored medical results,” Scott Zeger, director of HopkinsinHealth and a biostatistics professor at Hopkins Bloomberg School of Public Health, told Health Data Management.

In other words, it all comes down to how medical tools are being used to increase the quality of life for patients and improve outcomes, which the analysis of big data can shed light on.

Medical instruments and pharmaceuticals are given value based on how they're used to improve outcomes.Medical instruments and pharmaceuticals are given value based on how they’re used to improve outcomes.

Storage issue: Genomic research

One challenge presented by big data is the question of where all the generated healthcare information is going to reside. The problem of storage is a very real one, especially in an industry that’s governed by compliance regulations and strict legal boundaries. To that end, the big data storage problem is nowhere as acute as it is with human genomic research.

A report published in July 2015 in the scientific journal PLoS Biology found that by 2025, between 100 million and 2 billion human genomes could be sequenced. This sequencing is going to create as many as 40 exabytes of data. To put that in perspective, here’s a fun fact: According to High Scalability, as of 2012, every word spoken by every human throughout history only adds up to about 5 exabytes of data. This creates an issue with data management within the healthcare space.

What’s the answer?

Some say that cloud infrastructure offers a ready answer to the challenges presented by big data in the healthcare industry. No matter how big your big data problems are, at ISG Technology, we can help you find solutions that will meet your needs. Whether you want to store your data in the cloud or in on-premises environments, our managed services experts will know what the answer is. Contact us today for more information.

What are the risks of hybrid cloud?

Hybrid IT infrastructure is quickly becoming one of the biggest trends of the current decade, and this strategy can sometimes include hybrid cloud deployments. According to the RightScale 2015 State of the Cloud Report, 82 percent of surveyed enterprises were running a hybrid cloud strategy, and Data Center Knowledge stated in mid 2015 that adoption of these technologies was expected to triple by 2018. The benefits of embracing hybrid cloud are clear: Companies are able to improve IT flexibility and choose solutions that fit their specific needs, all while maximizing cost efficiency and asset utilization, according to FierceCIO contributor David Weldon.

As adoption goes up and more companies look into deploying hybrid strategies within their IT departments, so too do the number of issues that arise in dealing with the new technologies that hybrid cloud brings to the table. Let’s take a look at the biggest risks when it comes to cloud and hybrid IT, then discuss strategies for dealing with these issues:

“Software and application changes occur on the provider’s side.

1. Loss of control

The CIO’s job is to manage risk within his or her company, and as such may view that total control over every part of the technology strategy of the organization is necessary. However, when cloud-based tools are utilized, software and application changes occur on the provider’s side, meaning IT executives may not have a say. Therefore, according to CIO contributor Shoeb Javed, one of the most important risks of hybrid cloud computing is the perceived loss of control on the part of the CIO and other members of the executive board.

“Applications change all the time, and when those applications are outside the company’s control, they could be caught unprepared when a sudden software update occurs,” Tripwire contributor Rick Delgado stated. “A single application change can create integration problems with other programs, leading to major disruptions among the most critical business applications.”

2. Cloud security

A lot has been said lately about the cloud and its apparent inherent risks as far as security is concerned. The market for cloud security tools keeps going up by the day, and it’s expected to reach a total value of $8.71 billion by 2019, according to a 2014 report published by MarketsandMarkets. This is a clear indication that security is on the minds of industry CIOs.

There are a few main security challenges for organizations that deploy hybrid cloud strategies, according to TechTarget. These include risk management, security management and poorly constructed service-level agreements. Most of these problems stem from the complications that can arise when private and public cloud are both used in conjunction with one another – managing two kinds of deployments can be a complex task for IT teams.

3. Compliance

This is an issue that goes along with the aforementioned security challenge. Businesses have to ensure that all parts of their cloud strategy are compliant with any industry regulations. It’s crucial to ensure the data traveling between private and public cloud environments is secure, as well.

For instance, organizations within the healthcare sector have to prove that their systems are compliant with the Health Insurance Portability and Accountability Act, which designates strict security standards for protected health information. If a business works with payment card data, it is subject to the rules set forth by the Payment Card Industry Data Security Standard. All of these regulations need to be managed properly, and in certain circumstances, hybrid IT could complicate effective management strategies.

Companies that work with payment card data need to make sure their hybrid cloud deployments are secure and compliant.Companies that work with payment card data need to make sure their hybrid cloud deployments are secure and compliant.

Worth the challenge

Considering the risks of hybrid IT is one of the most important responsibilities of the technology department of any organization. However, the many benefits of investing in hybrid infrastructure outweigh these risks when they’re managed effectively. That’s why having a managed services partner around to help your organization deal with these hybrid cloud risks is not only a great idea – it’s essential to a successful hybrid IT strategy.

When you partner with a company like ISG Technology, you can rest assured that the risks of migrating data to and from virtual environments will be orchestrated by cloud experts. Get in touch today to find out more about how our hybrid cloud solutions fit your business needs.

Involve IT in strategic planning

When it comes to ensuring business continuity and keeping all parts working properly, it’s crucial for communications between departments to be easy and effective. You especially want interactions between executives and IT administrators to be productive. In those conversations, if there is any kind of disconnect with either party, bottom lines could suffer.

How does the proper implementation of IT impact corporate objectives? Having the right technology solution in place can make a difference in the long run across the board, but decision-makers sometimes don’t consult their IT departments before investing in something new. According to InformationWeek contributor Andrew Froehlich, this may be due in part to the fact that new technologies are constantly coming out, sometimes so quickly that tech staff can’t keep up.

Shadow IT is creating cybersecurity vulnerabilities for enterprises.Shadow IT is creating cybersecurity vulnerabilities for enterprises.

Shadow IT is compounding this issue even further. With the continued implementation of bring-your-own-device policies, extraneous technologies make their way into companies’ networks. Employees are carrying their own smartphones and tablets into the workplace and downloading different – and perhaps unapproved – applications to use with their jobs. This creates cybersecurity and compliance issues due to the entrance of unknown actors on the network.

For instance, one study on the information systems of health care organizations from 2014 found that the average provider has 928 cloud services running on its systems – only 10 percent of which are known to their IT departments. In addition, only 7 percent of the total cloud are compliant with industry-specific standards. These kinds of statistics illustrate why it’s crucial for the IT department to be involved in the decision-making process of any company. To ensure compliance and maintain security, technology teams and executives need to be on the same page.

What’s the solution?

“Communication between IT staff and the executive board needs to be efficient.”

Different departments need to work together to elicit the best outcome for a business – meaning that to achieve the best bottom line, communication between IT staff and the executive board needs to be efficient. Computer Weekly contributor Marc Cercere noted that the agendas of both the business technology and IT departments are equally as important to focus on and improve.

For instance, due to the increase in shadow IT and the continuing focus on cybersecurity across every industry, the IT department should be consulted about any change to the business’s technology strategy. Instead of implementing tech “solutions” that may or may not solve a company’s problems, getting the go-ahead from the IT department allows every portion of the company to work in unison toward the same goal.

In today’s business climate, technology should align with corporate objectives. You want IT to work in your favor. If relationships within your business between executives and the IT department aren’t up to par, costly disconnect can occur and business processes can be hampered.

You want to make sure you’re keeping the IT department looped into the discussion about new tools and strategies, and that can be made simpler when partnering with a managed service provider. Get in touch with the managed services professionals at ISG Technology today to see how our expertise can contribute to your specific objectives.

Leveraging data boom to solve medical mysteries

The Internet has made accessing vast amounts of information both easy and affordable,and is dramatically improving the research processes of many industries. One sector in particular that has benefited from the convenient access offered by the Internet is health care.

With new innovations like electronic health records, hospitals and doctor's offices are able to compile and share medical information digitally and greatly improve their knowledge of specific diseases and treatment options. Big data initiatives are also starting to play a major role in health care, with organizations using the vast amounts of available information to draw conclusions that may otherwise have gone unseen.

IBM is now looking to throw its hat in the ring in an effort to improve sharing and analysis of health data with the creation of its Watson Health business unit. The unit, which launched in early April, aims to use big data analytics and mobile technology to help doctors, researchers, insurers and patients achieve better health outcomes. Watson Health will offer cloud-based access to IBM's Watson supercomputer to enable healthcare professionals to analyze medical data. IBM has also partnered with Apple, Johnson & Johnson and Medtronic to make it easier for health care organizations to store and analyze patient data.

Taking advantage of the data boom

"Each person creates 1 million GB of medical data throughout their lifetime."

Watson Health allows users to take advantage of the cognitive capabilities of Watson and create "new health-based offerings that leverage information collected from personal health, medical and fitness devices," providing "better insights, real-time feedback and recommendations to improve everything from personal health and wellness to acute and chronic care," according to a release from IBM.

IBM's Watson supercomputer may hold the key to solving medical mysteries.IBM's Watson supercomputer may hold the key to solving medical mysteries.

Watson Health operates on a rather basic premise: Each person creates approximately 1 million gigabytes of medical data throughout their lifetime, so why not use that information to create positive health outcomes and fuel new research? A recent report by IDC Health Insights predicted that 80 percent of health care data will pass through the cloud at some point in its lifetime by 2020. The study went on to predict that this shift to the cloud will drive 70 percent of health care organizations to invest in consumer-facing mobile apps by 2018. With so much digital health information being created, and more being made all the time, there has never been a better time to use such data to improve health care and patients' quality of life.

The Watson supercomputer is able to adapt and learn based on information it is fed. The Memorial Sloan Kettering Cancer Center in New York has been inputting medical literature focused on cancer into Watson for more than three years, and the computer has used the data to learn how cancer has been treated traditionally, and perhaps eventually create new, progressive treatment options.

"What Watson can do is look at all your medical records – he has been fed and taught by all the best doctors in the world – and comes up with what are the probable diagnosis, percent of confidence, the why, rationale, odds and conflicts," said Ginni Rometty, chairman and CEO of IBM.

Rometty explained that there is differing potential for false results when diagnosing different types of cancer. Watson's first task is analyzing data on melanoma and figuring out how to determine whether a melanoma is actually cancerous.

According to Rometty, this is the ideal time to launch Watson Health because three technologies essential to the project – big data, cloud and mobility –  are converging and enabling medical breakthroughs. These main technologies already comprise more than one-quarter of IBM's business and Watson Health plans to capitalize on that.

Anthem Health Insurance latest company to suffer massive breach

America’s second largest health insurance company announced in early February that it had fallen victim to a data breach that may have exposed the data of millions of clients. Anthem Health Insurance admitted that the names, birth dates, addresses, Social Security numbers and income data for as many as 80 million clients and employees were potentially compromised due to a lack of encryption. The company said that there is no evidence that financial or medical information was accessed during the breach.

With a toll in the tens of millions, the cyberattack could be the largest breach of a healthcare company ever, putting it on par with the breaches that took place at Target and Home Depot. The “very sophisticated external cyberattack” exposed the information of so many people that even the insurer’s chief executive was affected. Numerous brands of health plans are operated by Anthem, including Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield, Anthem Blue Cross and Anthem Blue Cross and Blue Shield.

Insufficient protection leaves data at risk
In a statement posted on the company’s website, Anthem claimed to have a state-of-the-art security system in place to protect privileged information, but the two most valuable pieces of data for identity thieves – Social Security numbers and birth dates –  were not encrypted. Not surprisingly, this isn’t the first time Anthem has had client information exposed. A 2012 lawsuit between Anthem Blue Cross and the California Attorney General was settled after a claim that the insurer compromised 33,000 members of their plan when they sent letters with Social Security numbers clearly visible in the envelope windows. In 2013, the company again exposed the Social Security numbers of an undisclosed number of doctors and healthcare providers in a document posted to Anthem’s website.

While the information involved in the breach is not included under the Health Insurance Portability and Accountability Act, Anthem will still likely face lawsuits from those affected as they had plenty of warning that such an event was possible. Last summer, the FBI issued healthcare organizations a warning that hackers were targeting them more frequently in the wake of a large scale data breach against Community Health Systems in which 4.5 million patients had their data stolen. While the threat of data breaches have increased in every industry, the risks are even higher for healthcare organizations where companies keep massive amounts of personal information in large databases.