Senior Communications Manager
Kirk Nahra Discusses Privacy Concerns Associated With Company Mergers
Kirk J. Nahra, chair of Wiley Rein’s Privacy Practice and co-chair of the Health Care Practice, was quoted in a HealthcareInfoSecurity article discussing the security and privacy concerns associated with mergers and acquisitions. The article specifically references two mega-deals in the health insurance industry between Anthem Inc. and Cigna; and Aetna and Humana.
Mr. Nahra commented that the transition period after two companies merge presents new risks. “Because of the tremendous concerns about data security and cybersecurity breaches, integration of overall security is a particular challenge,” he said. “It is easier to attack a hybrid, half-integrated company than two separate companies.”
Some merged organizations will consider capitalizing on the best of both information security systems. Mr. Nahra added that while that best-of-breed-themed approach might work well in some mergers and acquisitions, typically things don't end up going that smoothly. "There are two kinds of challenges—inconsistencies in practices, either involving data security or privacy, and then operational implications of these inconsistencies, where one of the entities tries to apply its process or practices to the differing practices or operations of the other,” he said. “These challenges are exacerbated when there hasn't been a lot of due diligence on privacy/data security issues.”
To read the full article click here.