Fortune reports on an increase in cases of medical identity theft in the United States, which has implications for patients’ health privacy:
In the last five years, the number of data breaches in the medical sector has quadrupled. Last year, for the first time, the medical sector experienced more breaches than any other. It’s again on track to lead in 2014, according to the ID Theft Center. While the health care industry has long suffered fraud by providers or employees fraudulently billing insurers, Medicare, or Medicaid, the medical industry is only just now trying to catch up to the quickly growing threat from hackers.
With the increasing digitization of health information (in the form of electronic health records) and the formation of health exchanges (due to the Affordable Care Act), the trend in medical identity theft is unlikely to abate any time soon. Personal medical information is useful to many different types of criminals, which is why it fetches a higher price on the black market than financial information.
The sheer number of targets also makes the medical sector easy prey. Furthermore, technology has come relatively late to the health industry, and data security at health organizations can lag behind. The digitization that accompanies the Affordable Care Act may initially cause a surge in the number of breaches, but some analysts believe it could eventually reduce demand for medical information. […]
The worst-case scenario for medical fraud victims is having their medical record contaminated by someone else’s health information, such as an incorrect blood type or allergies. Even if the fraud is detected, the nightmare has only begun. It can be difficult for patients to flush mistaken information from the system because they don’t know how many databases have their information and which ones need to be corrected.