Defining Your Obligations as an Employer
On March 17, 2015, Premera announced a data breach involving the personal information of more than 11 million individuals resulting from what it characterized as a sophisticated, targeted cyber-attack. Employers and plan sponsors should take steps to verify how the Premera breach affects their plans and that notifications are being appropriately provided to consumers, attorneys general, and regulators, in compliance with HIPAA and state law. The Premera breach appears at the moment to be separate and distinct from the Anthem breach that was announced in February. It remains to be seen whether they are related.
Continue reading here.