Consistently Putting Safety First: Blue Cross IT’s Commitment to Data Security

bcbsm

| 4 min read

a dark hand against a screen with lots of small numbers.
There is a seemingly endless amount of personal information stored online at any given time. Credit card and social security numbers make their way from website to website with every retail purchase or banking transaction—a free flow of data that makes private information susceptible to being stolen by hackers. With news like the recent Equifax data breach, which has affected more than 140 million people, it has become more vital than ever for people to know their personal data is protected. Blue Cross Blue Shield of Michigan takes the safety and security of members’ personal data seriously. That’s where the Information Technology team comes in—they are the first line of defense to ensure that members’ information is kept safe around the clock. “At Blue Cross, our paramount objective is to protect our members’ health information at all costs,” says Angela Williams, director of information security at Blue Cross. “Our goals and initiatives all center around making sure that data stays confidential, its integrity stays intact and it's available when it needs to be accessed.” The Evolution of Cyber Security
Angela Williams, director of information security According to Williams, online threats against health care data and information have become increasingly sophisticated over the years. “Hackers used to be more focused on the financial service sector, looking for social security information and other data that would assist them in identity theft,” says Williams. However, things took a turn in recent years when hackers saw a profit in stealing health care information. “Unlike the simplicity of changing one’s credit card number after it’s been stolen, cleaning up your health care records after they’ve been sold or fraudulently used is difficult,” she says. “This information is gold for hackers looking to sell it on the ‘dark web.’ It can be months before someone finds out that their information has been used illegally.” This evolution in cyber threats is what drives Blue Cross to be proactive in data security. “We have to be laser-focused on knowing where their information is housed and who has access to it,” says Williams. “We’ve increased our vigilance in educating our employees, have the best technology to quickly detect behaviors that may be a threat against the company and have processes in place to remediate this behavior as soon as possible.” How Blue Cross Protects You Hackers want to penetrate and disrupt a company’s technological systems on a nearly everyday basis, which drives Blue Cross to be proactive in its strategy. “We conduct internal assessments to make sure we have the appropriate level of people, processes and technologies in areas facing the greatest threat,” says Williams. In the end, it’s all about reassurance and confidence in what has been established for data protection. Williams believes that an educated workforce can be a company’s strongest defense against cyber threats. “Knowing that hackers use attacks like email ransomware or malware as a form of extortion, we’ve taken the steps necessary to alert our teams to these potential attacks,” she says. Hackers want to confuse recipients into clicking on their phishing emails, so training is crucial. “We run social engineering exercises to better equip our teams to identify these false emails,” says Williams. This includes yearly testing groups of employees at random. “We want to see if they fall victim to clicking,” she says. “It’s good for us to know if they click the links so we can strengthen our security awareness and continue training our employees.” How You Can Protect Yourself As a member, you also play an active role in IT security by staying vigilant about your health care data. “Protection of data can be two-fold since it exists in two places – on paper and online,” she says. “Effective ways to protect your data include keeping online account passwords complex, to lower the chances of someone accessing it, review emails thoroughly before clicking any links or attachments, as well as reviewing any Explanation of Benefits you receive, to ensure that the services listed are services you personally received.” To learn more about our commitment to the protection of members’ data, visit these blogs:
Photo Credit: kalhh
MI Blue Daily is sponsored by Blue Cross Blue Shield of Michigan, a nonprofit, independent licensee of the Blue Cross Blue Shield Association