Why Medical Identity Theft Is Rising And How To Protect Yourself
Anthem. Premera. Carefirst.
Since the start of the year, these three major health insurers, all Blue Cross Blue Shield plans, have been victims of major data breaches, with up to about 92 million records affected.
For the past three years, the health/medical sector has accounted for the highest percent (42.5% in 2014) of total hackings of any industry, according to the Identity Theft Resource Center. While data breaches at major retailers like Home Depot and Target may resonate more in consumers’ minds, files that contain someone’s medical data can make victims much more vulnerable.
The ramifications can range from financial to medical. Not only do medical records usually contain payment and billing information, leaving credit card information exposed, but they also often contain sensitive data like Social Security Numbers and information that could enable a fraudster to obtain medical services under the victim’s identity. If the perpetrator’s medical information mixes with the victim’s, she could receive medication to which she is allergic, or her record may contain the incorrect blood type.
For many years, the top cause of lost or stolen patient data was a health care organization employee losing a device or having one stolen. In 2014, for the first time, the top cause was a criminal attack, according to the recently released fifth annual Ponemon Institute Study on privacy and security of health care data.
“Organizations in the health care industry, like hospitals, as well as their business associates — the organizations that help them manage and protect their data — are under cyber attack,” says Rick Kam, president and cofounder ofID Experts, which sponsored the study.
Ninety-one percent of health care organization have had at least one data breach involving the loss or theft of patient data in the last two years, and 59% of their business associates experienced the same.