The Tennessean: Lamar Alexander urges Anthem to speed breach notification

Posted on March 18, 2015

Sen. Lamar Alexander is calling on Anthem, the insurance giant that was hit by a cyberattack, to speed up its efforts to notify people whose information was breached.

Alexander, co-head of the Senate health committee alongside Sen. Patty Murray, D-Washington, issued a public letter to Anthem CEO Joseph Swedish.

The cyberattack on Anthem exposed up to 80 million people nationwide. Anthem is affiliated with BlueCross BlueShield plans in 14 states but not Tennessee.

Although Anthem does not write insurance policies in Tennessee, those it services under TennCare or Tennesseans who used other BlueCross BlueShield networks probably are affected by the breach. Anthem has estimated that 770,000 people in Tennessee were affected by the breach, according to the letter. Amerigroup, a company owned by Anthem, is a TennCare operator and part of the breach.

"More than a month after discovery of the breach, the vast majority of Americans affected by this attack — more than 50 million in fact — have yet to receive notice directly from Anthem that their personal information has been compromised," the letter reads.

Anthem responded to the notification concerns in a statement.

"Over the last few days, we have also accelerated our member notification mailings," Kristin Binns, vice president of public relations at Anthem, said in an email. The company is mailing about 2.4 million letters a day. It also set up a hotline and website for people to sign up for 24 months of free credit monitoring services.

"Should a member experience identity theft that may be a result of Anthem's cyber attack, free identity theft protection services are available and are retroactive to the date of the cyber-attack and do not require enrollment," Binns wrote.

Anthem, based in Indianapolis and formerly known as WellPoint, disclosed in early February that its computer systems had been breached and that unidentified hackers had accessed information of current and former members, such as their names, birthdates, medical identification and Social Security numbers, as well as contact information, including street addresses and email addresses.

"This delay is unacceptable and should be corrected immediately. I will stay closely in touch with Anthem to ensure Tennesseans and other Americans get the information they need as quickly as possible," Alexander said.

Alexander and Murray request that Anthem respond by April 1 with progress on notification and a plan for how the company will reach each affected person.

BlueCross BlueShield of Tennessee began mailing letters to its plan members who were impacted on March 6, said a spokeswoman.