This entry is part 21 of 26 in the series HIPAA Privacy-Security Reminders

HIPAA Privacy and Security Reminders – Increased Risk and Consequences of Medical Identity Theft

What Happened?

The 2013 Survey on Medical Identity Theft, conducted by the Ponemon Institute and sponsored by the Medical Identity Fraud Alliance (MIFA), finds that the risk of medical identity theft is increasing, as is the seriousness of the medical and financial consequences for the victims.  Clearwater Compliance is a Founding Member of MIFA.

What Was the Nature of the Information and How Many Individuals Were Involved?

The survey consisted of 788 adults who self-reported that someone used their name and personal identity to fraudulently receive medical service and/or prescriptions drugs and goods, including attempts to commit fraudulent billing.

 What were the key findings from the study?  Blog -MIFA

  • The number of medical identity theft victims is increasing.  The base rate for medical identity theft for adults increased 19% over one year, suggesting that over 1.8 million adults were victims of medical identity theft in 2013.
  • Victims’ lives are at risk.  Half of victims are not aware that their health records might be changed, possibly resulting in misdiagnosis, errors in prescriptions, delays in treatment and mistreatment.
  • Half of victims did not take steps to protect against future medical identity theft. Only 40% review their Explanation of Benefits (EOBs) more carefully and fewer have reviewed their medical records.
  • It can be expensive.  Over a third of the respondents paid an average of $18,660 to resolve the consequences of the theft, including identity protection, legal counsel, reimbursements to providers for services provided to imposters, medical services and medications due to lapse in healthcare coverage.
  • Other financial consequences included diminished credit score, lost time and productivity in resolution, and financial identity theft.
  • More than half of reported crimes resulted from victims sharing their personal identification or medical credentials with someone they knew or were taken by a family member without consent.  Other causes included fake email or spoofed websites, data breach by a provider, a rogue healthcare employee, a lost wallet or mailed statement.
  • Discovery of the theft resulted from uncovered mistakes in health records or EOBs, errors posted to medical invoices, receipt of a collection letter, adverse entry on credit report, or alerts from health care provider.

Recommendations to protect against medical identity theft?

  • Never share medical credentials with anyone
  • Monitor credit reports and billing statements
  • Periodically check your medical records with your doctor
  • Contract with an identity protection provider
  • Report crimes to the police

What Resources Are Available to You?

Contact us for more information or to learn about a tailored Clearwater HIPAA Audit Prep WorkShop™ or the Clearwater HIPAA Audit Prep BootCamp™ series.

More HIPAA HITECH Resources:

The complete HIPAA Privacy, Security and Breach regulations are here.

Join our AboutHIPAA LinkedIn Group:
Follow us on Twitter
Subscribe to our eNewsletter
Attend a live educational webinar.

Series Navigation<< HIPAA Privacy and Security Reminders – UT Physicians Laptop Goes MissingHIPAA Privacy and Security Reminders – WellPoint OCR Settlement Agreement >>

Bob Chaput

CEO at Clearwater Compliance
Bob Chaput is widely recognized for his extensive and in-depth knowledge of healthcare compliance and cyber risk management, and is one of the industry’s leading authorities in healthcare information security today. As a leading authority safeguarding health data, Chaput has supported hundreds of hospitals and health systems to successfully manage healthcare’s evolving cybersecurity threats and ensure patient safety.