The Health Insurance Portability and Accountability Act, or HIPAA External Site, is a law that provides data privacy and security provisions for safeguarding medical and health information.
HIPAA defines a breach of protected health information (PHI) as “the acquisition, access, use or disclosure of PHI in a manner not permitted under the HIPAA Privacy Rule which compromises the security or privacy of the PHI.”
One of the biggest threats to health information privacy is the compromise of data through ransomware. Ransomware is a type of malicious software designed to block access to a computer or computer systems until money is paid. In these cases, the malware encrypts data with a key known only to the hacker. When electronic PHI is encrypted, a breach has occurred because an unauthorized individual has taken control of PHI.
Reporting to Wellmark Blue Cross and Blue Shield
If you suspect that you are a victim of a cyberattack or discover that member PHI has been compromised, you must report all incidents to Wellmark immediately.
Talk to your authorized Wellmark representative or send an email to CyberResponse@Wellmark.com Send Email.