Anthem pays record $16M settlement to HHS for 2015 data breach

Anthem has agreed to pay the Department of Health and Human Services (HHS) $16 million for a landmark 2015 breach that impacted nearly 79 million consumers.It’s a record-setting settlement from the Office for Civil Rights (OCR), the HHS agency tasked with enforcing HIPAA. It’s nearly three times the agency’s previous highest settlement of $5.55 million paid by Advocate Health Care in 2016.The largest health data breach in U.S. history fully merits the largest HIPAA settlement in history, OCR Director Roger Severino said in a statement. Unfortunately, Anthem failed to implement appropriate measures for detecting hackers who had gained access to their system to harvest passwords and steal peoples private information.