The theft of health records is a growing issue. Not only does the healthcare industry lag in security, impacting both the industry and breach victims, but there can be difficult outcomes following the loss of medical information.
As we've previously discussed, when breach victims have had their health information used for medical care, benefits or insurance, they've been the victim of medical identity theft. The outcome of this type of theft can be wide-reaching, from credit issues to incorrect health assessments. Medical identity theft can take years to resolve, if at all possible.
As recently reported, "for every dollar a stolen Social Security number is worth, your stolen medical information -- a partial medical history, your insurance number -- is worth $50." Leon Rodriguez, Director of the Office for Civicl Rights of the Department of Health and Human Services, says it's time to get tough on enforcement of health privacy laws: "enforcement promotes compliance."
Pam Dixon, founder of World Privacy Forum, is also quoted about the issues of detection:
"The banking industry has set up safeguards to detect ID theft and financial fraud so, for example, consumers get a call if there are unusual, out-of-country spending sprees. But there are few similar safeguards for medical ID theft."
With breaches still being mostly the cause of human error, versus malicious hacking incidents, and with the increased consumerization of IT within healthcare, it's time the healthcare industry step up to update their security measures.
Absolute has always advocated a layer approach to data security of any kind. Do you have questions about your healthcare security? Check out our brochure on security for the healthcare industry.