After Anthem breach, Indiana AG tells lawmakers to act on data privacy bill

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

In what could be the largest data breach of a healthcare company to date, Anthem continues reeling from news last week that up to 80 million customers could have had their personal data stolen. Tuesday at the Statehouse, Indiana Attorney General Greg Zoeller made his case before lawmakers.

“If you want to wait for the federal government to act, I suggest that’s not something that I would support,” he told lawmakers.

Zoeller is pushing legislation that would force companies like Anthem to limit how long personal data is stored and to notify customers faster.

“I think the larger companies that collect very personal data need to spend more money frankly to protect it at the front end,” Zoeller said. “And do things to clean it up, so they’re not storing things they may not really need.”

Lynn Toops, an Indianapolis class action attorney at Cohen and Malad, is suing Anthem in what she hopes will become a class action lawsuit. A number of lawsuits have been filed nationwide.

“The impact is just going to be enormous and devastating for the consumer,” Toops said. “If any good can come from this, it’s that there needs to be more laws and more accountability to these consumers, and that’s what we’re doing with this lawsuit, first and foremost is to hold Anthem accountable.”

Last year in Indiana, Zoeller said 395 data breaches were reported.

At Tuesday’s hearing before the Senate Homeland Security & Transportation Committee, several privacy experts urged stronger laws.

“In its current state, I don’t believe this would have prevented what happened at Anthem,” J.J. Thompson said, founder of Rook Security.

Critics, though, question whether businesses should be held liable for theft.

“Companies should be given a little credit for operating diligently,” Mark Shublak said, with Ice Miller Public Affairs representing TechPoint.

Zoeller said the immediate concern passing initial protections for consumers at a state level, like other states nationwide have.

Click here for data breach resources from the attorney general's office. 

“The latest data breach on Anthem has gotten everyone’s attention,” he said. “But I want to make it clear we’ve had a lot of this over the past year alone.”

In a statement, an Anthem spokesperson said, “As with any legislation that may have an impact on our customers, we’re monitoring the debate surrounding this proposal.”

The bill still has its hurdles. Final language is still being worked on.

Zoeller said his office has been hearing from a lot of stakeholders including companies and privacy experts.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.