As if having a medical issue doesn’t cause enough stress in and of itself, patients often have anxiety about how they are going to cover the costs of doctor visits, procedures and prescriptions. And now there’s even more to worry about: introducing medical identity theft. According to a recent survey conducted by the global professional services firm PricewaterhouseCoopers, more than 1.42 million Americans were affected by this in 2010, making medical identity theft the fastest-growing form of ID theft. It amounted to more than $28 billion in costs overall.
“Most breaches are not the result of [information technology] IT hackers, but rather reflect the increase in the risks of the knowledgeable insider related to identity theft and simple human error — loss of a computer or device, lack of knowledge or unintended unauthorized disclosure,” said James Koenig, director of the Health Information Privacy and Security Practice at PwC, in a press release as reported by the accredited medical news source MedPageToday.
The report revealed that most often, patients’ private, health-related information was compromised or misused by the employees of the very facilities from which they sought care, such as a hospital or doctor’s office, in addition to employees of insurance companies and life sciences organizations. Some examples of such security breaches are employees making inappropriate comments on social networking sites such as Facebook, casually chatting about the specifics of a person’s protected health information in public places and leaving private documents out in places where anyone was able to read what information they contained.
The data thieves are trolling for in a hospital setting “is either health insurance information, to be able to resell access to people who don’t have insurance or, most often, access to prescription drugs which are a commodity that can be sold on the street,” said Koening, according to Business Week.
The increasing digitization of patient information also poses security concerns.
“The health IT and new uses of health information are changing quickly and the privacy and security sometimes may not be moving in step,” said Koening according to reuters.com. “That is some of the most sensitive and important information to a consumer, so with the advancement of healthcare IT it’s only natural that advancements in privacy and security should come along.”
For the nationwide survey, PricewaterhouseCoopers compiled information acquired from 600 executives from health insurance companies, doctors’ organizations, hospitals, pharmaceutical manufacturers, as well as life sciences companies.