Home » News » Data Warehousing | Electronic Health Records | Enterprise Content Management | Privacy and Security
Receive News By Email

  • del.icio.us
  • Digg
  • StumbleUpon
  • Reddit
  • Facebook
  • Google
  • RSS Icon
  

Medical identity theft on the rise

March 15, 2011 | Mike Miliard, Managing Editor

Related Resources

IRVINE, CA – A new study from the Ponemon Institute, sponsored by Experian, finds that almost 1.5 million Americans are victims of medical identity theft – an increase from last year. While consumers grasp the importance of protecting their medical and personal information, it reports, few take the precautions to avoid medical ID theft.

The study also found that the average cost to resolve a case of medical identity theft stands at $20,663 – up from $20,160 in 2010.

[See also: Experts name top 7 trends in health information privacy for 2011.]

Other key findings from the survey include:  

  • Recognizing the importance of privacy does not equate to action. Despite consumers wanting data privacy – and strong statistical evidence of data vulnerability – people are not taking action to protect their valuable health information. Nearly 70 percent of respondents felt it was important to have control over their medical records, and 80 percent felt that healthcare organizations should ensure the privacy of these records. But those beliefs do not translate to action: 49 percent of victims took no new steps to protect themselves after a crime.
  • Consumer indifference is fueled by lack of understanding of repercussions. Half of former victims chose not to report the incident to law enforcement at all, up from 46 percent in the 2010 study. The chief reason for this was the lack of resulting harm and the desire to not "make it a big deal" (43 percent). In fact, more victims fear embarrassment (37 percent) than the loss of medical coverage (21 percent) or a diminished credit score (18 percent) as a potential result of medical identity theft.
  • Medical data breach notification fails to protect the consumer. The risk of medical identity theft lies beyond consumer control, as health care organization data breach accounts for a significant portion of reported incidents. When a breach occurs, the organization normally is required to inform the affected people, depending on state law notification requirements. But just 5 percent of victims learned of their theft from a data breach notification – a troubling fact, considering that data breach accounted for 14 percent of all theft instances. This includes breaches involving health care providers, insurers or other related organizations.
  • Consumers are uninformed of new health care reform policies. The majority of survey respondents (55 percent) are not familiar with or have no knowledge of the new policies. And more than three quarters, 79 percent, are not aware of the creation of a national electronic database of Americans' health information. Meanwhile, 33 percent believe that a national electronic database will increase the risk of medical identity theft.
  • Medical identity theft is a family affair. Remarkably, the study showed the rate at which medical identity theft occurs between family members. Theft of this nature accounted for 36 percent of all victim responses, making it the most common type of theft. The frequency of family-related medical identity theft contributed to the most commonly stated reason (51 percent) why victims elected not to report a given incident: the victim discovered that he or she knew the thief and did not want to report him or her.

"The results of this study shed a troubling light on not only the pervasiveness and consumer perceptions of medical identity theft, but also the dangers of data breach," said Jennifer Leuer, general manager of Experian's ProtectMyID.


[See also: Hospitals 'struggling' to protect patient data.]

"Our study shows that the risk and high cost of medical identity theft are not resonating with the public, revealing a serious need for greater education and awareness," said Larry Ponemon, chairman and founder of the Ponemon Institute. "We also feel these results put an even greater onus on healthcare organizations to make the security of sensitive personal health information a priority in order to protect patient privacy."

Related Topics:

Reader Comments (7)Login to Post a Comment

pchoca says: I.D. Theft
March 21, 2011 | 6:06PM GMT

I agree with kathrynw. The problem for most of us, is that it's not clear what we, as individuals, can do to prevent health care I.D. theft. Mostly, it feels as if we have to depend on medical providers to make sure that they keep our information safe.

sraghavan says: Cost ??
March 21, 2011 | 1:40PM GMT

with the proliferation of healthcare IT, medical ID theft is going to be on the rise and is a critical issue now more than ever. More stringent regulations to that regard, will only increase the health care cost and will be pushed to the consumers (patients)..

Art says: Medical Identity theft
March 18, 2011 | 12:38PM GMT

Since ID theft must be rampant,as $1 out of ecvery $3 spent is waste, fraud and abuse, who checks on ID theft in Medicaid and Medicare cases?

RakeshSB says: Identity Theft- Impact of Cloud Connectivity
March 17, 2011 | 2:57AM GMT

With increasing appetite for cloud delivered services, I presume that the trend in Medical Identity Theft is heading north. Inspite of offering promises of security, identiy & access management tools have still not proven effective enough to prevent increasing security breaches.

Secondly, efforts to make cloud services secure, would also impede some of the advantages of cloud services - most importantly the lightness of the applications/services delivered over th cloud.

kmehler says: Re: Identity
March 17, 2011 | 11:25AM GMT

Another straining issue is the actual identity theft protection efforts companies apply. Generally these services will not protect you from medical identity theft. The only protection they really can give customers is lowering the risks. Once your information is out on the Web, it's out there. Most patients also do not notice that their information has been hacked unless they get a concerning call from a doctor, or a bill that doesn't make sense.

Kathrynw says: Fail.
March 16, 2011 | 11:27AM GMT

Your opening paragraph states, "A new study from the Ponemon Institute, sponsored by Experian, finds that almost 1.5 million Americans are victims of medical identity theft – an increase from last year. While consumers grasp the importance of protecting their medical and personal information, it reports, few take the precautions to avoid medical ID theft."

And yet your story does not provide *any* precautions to avoid medical ID theft.

Your concluding paragraph says (in part), "Our study shows that the risk and high cost of medical identity theft are not resonating with the public, revealing a serious need for greater education and awareness," said Larry Ponemon, chairman and founder of the Ponemon Institute."

So, where is the educational piece of your story that explains exactly what "medical identity theft" is?

Try again.

skater1 says: Identity theft
March 15, 2011 | 2:07PM GMT

This is a very interesting situation. I was a victim in a very strange way. Someone without insurance made up a SSN which happened to be mine. The billing company (radiology) billed my insurance company for a procedure (luckily it was simple) that I never had in a hospital I was never a patient at. I reported it to the police and to all of the credit bureau's, Experian as well and everything worked out. The patient used a fake name, bd, address, phone, etc. In this case I could not have done anything except react they way I did but you really have to report the issue. This can happen to you.