cyber security

Over the last two weeks, we’ve seen one of the largest data breaches in our country’s history unfold. The second largest health insurer in the U.S., Anthem Inc., experienced a “very sophisticated cyber attack” on Jan. 29, which exposed the names, birthdays, medical IDs, Social Security numbers, street addresses, email addresses and employment information, including income data, of as many as 80 million customers.

While this was not the first breach of health data – millions have been affected by previous health data breaches – the Anthem breach is by far the biggest and it will not be the last.

In the wake of this significant breach, we have been observing Anthem’s communications response. Here are some key learnings:

  •  Act quickly and walk toward the crisis: As our own crisis guru Bob McNaney says, “Always walk toward the crisis, not away.” With a healthcare data breach affecting more than 500 people, organizations are required by federal law to disclose the hack or breach within 60 days. Upon discovering the breach on Jan. 29, Anthem immediately took action to secure the vulnerability and contacted the FBI. The company also hired Mandiant, a top cybersecurity firm, to assess Anthem’s IT systems and provide solutions. These quick actions earned public praise by the FBI and became talking points to demonstrate to the public that Anthem had a plan and was taking swift and immediate action.
  • Know when to proactively alert the public: In crisis situations impacting large numbers of people, property or the environment, you have a responsibility to proactively address the issue and demonstrate to the public that you are working to resolve the problem. In the case of Anthem, the sheer number of people potentially affected meant that a proactive approach was the only approach to take. Taking a proactive approach was also important for influencing the first media story about the breach. They announced the breach to the public within the week and launched a coinciding microsite and hotline at the same time, which serves as a hub for all customer questions and concerns, and is continually updated. The microsite – – includes a statement from the President and CEO, Joseph R. Swedish, and frequently asked questions.
  • Consider all communications tools available to you: In addition to the microsite and hotline, Anthem reached out to customers directly and shared the open letter from Mr. Swedish on Facebook and Twitter. They also reached out to reporters directly to provide information. It is important to consider the most effective communications channels to reach people affected as quickly as possible.
  • Show you care and that your number one priority is the people you serve: Expressing empathy and compassion is a crucial element of your initial messaging. Anthem’s initial statement from Mr. Swedish includes the following line, which has been one of the most picked-up quotes in news stories regarding the breach: “Anthem’s own associates’ personal information – including my own – was accessed during this security breach. We join you in your concern and frustration, and I assure you that we are working around the clock to do everything we can to further secure your data.” Anthem is not only showing they care with words, they are also providing resources for customers to learn more – like the microsite, the hotline and interaction with their social channels – and have committed to providing credit monitoring and identity theft protection to all affected customers.
  • Be responsive and transparent: Throughout the last two weeks, Anthem has been quick to respond to media inquiries and to provide information. This has paid off, as most stories about the breach, particularly the initial stories, have included quotes from Anthem spokespeople, elements of the initial statement and links to the microsite for more information. As new developments arise – such as a phishing scam that quickly followed the breach – Anthem is quick to disclose the issues and make recommendations for customers to protect themselves. This dynamic, ongoing responsiveness has shown Anthem’s dedication to customer trust and resolving this issue.

What do you think about Anthem’s response to this data breach? As you think about potential threats to your own organization, do you have a crisis plan in place?