News & Resources

Medical theft rises, affecting patients, vendors, organizations

Sep 18, 2013 Dave King

Medical theft rises, affecting patients, vendors, organizations

As healthcare organizations increasingly move patient health information (PHI) to electronic health records (EHRs), a concurrent rise in medical identity theft and fraud is posing challenges to businesses that partner with this industry.

Medical ID theft increasing, mirrors other types of fraud

According to a recent study from the Ponemon Institute, medical identity theft experienced a nearly 20 percent year-over-year increase in 2012, driven by jumps in "family fraud." The "2013 Survey on Medical Identity Theft" reported that the crime affects approximately 1.84 million people in the United States annually, costing victims more than $12 billion in out-of-pocket costs.

One of the reasons that this type of identity theft is still increasing is that patients are not taking the proper precautions to safeguard their personal information, the study reports, cited by 50 percent of respondents. Furthermore, they are putting themselves at risk by sharing PHI with family and friends, with 20 percent claiming they cannot remember how many times they've shared this information.

"Medical identity theft is tainting the healthcare ecosystem, much like poisoning the town's water supply. Everyone will be affected," said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. "The survey finds that consumers are completely unaware of the seriousness and dangers of medical identity theft."

Protecting businesses, organizations, patients
In an effort to reverse this alarming trend, industry experts are joining together to form the Medical Identity Fraud Alliance (MIFA), Search Health IT explained. Healthcare information is becoming more valuable, the news source reported, as criminals are able to sell PHI for up to $1,300 on the black market, making such an organization necessary.

Members will include ID Experts, the American Association of Retired Persons, the Blue Cross Blue Shield Association, the Identity Theft Resource Center and the National Health Care Anti-Fraud Association. However, MIFA also hopes to partner with an additional 100 public and private healthcare stakeholders, from payers to providers and vendors. The organization will face challenges, though.

"One of the characteristics of the healthcare industry now is that it's hugely fragmented," William Barr, MIFA development coordinator, told the news source. "It allows for EHRs to be sold without any idea of interoperability. We see that continuing, and because of [it], a consumer's contaminated records can be all over the place. In fact, the consumer might not even know where their contaminated records are."

As more healthcare organizations move into the cloud to store these records, MIFA's job may become even more difficult while reports of data breaches increase.