Healthcare and Technology news
37.0K views | +9 today
Follow
Healthcare and Technology news
Your new post is loading...
Your new post is loading...
Scoop.it!

Medical identity theft sees sharp uptick

Medical identity theft sees sharp uptick | Healthcare and Technology news | Scoop.it

The number of patients affected by medical identity theft increased nearly 22 percent over the past year, according to a new report from the Medical Identity Fraud Alliance – an increase of nearly half a million victims since 2013.


In five years since the survey began, the number of medical identity theft incidents has nearly doubled to more than two million victims, according to MIFA, a public/private partnership committed to strengthening healthcare by reducing medical identity fraud,

"Over the past five years, we've seen medical identity theft steadily rising with no signs of slowing," said Larry Ponemon, chairman and founder of the Ponemon Institute, which conducted the study. "Our research shows more than two million Americans were victims of medical identity theft in 2014, nearly a quarter more than the number of people impacted last year."

In San Diego March 5-6, the two-day Privacy & Security Forum, presented by Healthcare IT News and HIMSS Media, featuring 26 sessions and 40 speakers from healthcare organizations such as Kaiser Permanente and Intermountain Healthcare, will put the focus on cyber crime and data security, discussing best practices to help keep these numbers in check.


Other findings from the report:

  • Sixty-five percent of medical identity theft victims surveyed paid more than $13,000 to resolve the crime. In 2014, medical identity theft cost consumers more than $20 billion in out-of-pocket costs. The number of victims experiencing out-of-pocket cost rose significantly from 36 percent in 2013 to 65 percent in 2014.
  • Victims are seldom informed by their healthcare provider or insurer. On average, victims learn about the theft of their credentials more than three months following the crime and 30 percent do not know when they became a victim. Of those respondents (54 percent) who found an error in their Explanation of Benefits, about half did not know to whom to report the claim.
  • In many cases, victims struggle to reach resolution following a medical identity theft incident. Only 10 percent of survey respondents reported achieving completely satisfactory conclusion of the incident. Consequently, many respondents are at risk for further theft or errors in healthcare records that could jeopardize medical treatments and diagnosis.
  • Nearly half of respondents (45 percent) say medical identity theft affected their reputation in some way. Of those, nearly 90 percent suffered embarrassment stemming from disclosure of sensitive personal health conditions and more than 20 percent of respondents believe the theft caused them to miss out on career opportunities or lose employment.
  • A large majority of respondents (79 percent) expect their healthcare providers to ensure the privacy of their health records. Forty-eight percent say they would consider changing healthcare providers if their medical records were lost or stolen. If a breach does occur, 40 percent expect prompt notification to come from the responsible organization.

"2015 will be a year of increased attention to the pervasiveness and damaging effects of medical identity theft," said Ann Patterson, senior vice president and program director at MIFA, in a press statement. "As we've already seen this year, the healthcare industry is and will continue to be a major target for hackers. Stolen personal information can be used for identity theft, including medical identity theft and the impact to victims can be life-threatening."


more...
No comment yet.
Scoop.it!

How one health system is putting an end to insider snooping

How one health system is putting an end to insider snooping | Healthcare and Technology news | Scoop.it

Insider snooping into patient records is nothing to take lightly. It often ends in a compliance nightmare – costly and time-consuming – not to mention the patient trust levels that take a serious hit. By making patient privacy an utmost priority, executives at the West Virginia United Health System have tackled this issue head on through a variety of different avenues and have already seen marked success. 

There's no one magic bullet to ensuring patient record snooping doesn't happen, said Mark Combs, assistant chief information officer for the West Virginia United Health System. But by implementing a host of initiatives, comprehensive training and tapping into information technology for audits, Combs and his team have shown it can be done.

Combs, who will be presenting WVU Healthcare's privacy case study at HIMSS15 this April in the session "Stop Insider Snooping and Protect Your Patient Trust," says the six-hospital healthcare system goes far beyond the traditional computer modules that have a privacy component, as "there's no real learning that occurs in that; it's more of just a sign off," he said. Rather, they get to all employees as soon as they come on board with the organization. They have a privacy officer present to all new employees about the importance of patient privacy and what their responsibilities and expectations are.

What's more, the health system sends out monthly security reminders that come from the individual hospital's privacy and security officer. They also have digital media boards with privacy and security reminders; they present to enterprise management and leadership groups within the organization. And even more significant? They're not afraid to audit their employees.

There's an old saying Combs loves to use that describes his philosophy: "What's measured is what matters," he said. "So people know we're measuring and watching their access; it gives them pause when they start to consider to do something like this," he added. And it certainly doesn't hurt that the health system's HR department has been supportive of this all along.

Audits are done at the organization "almost daily," he said, amounting to several millions of accesses audited each year. The access audits from multiple applications enterprise-wide are consolidated, and then, as Combs described, WVU has an application that consolidates those and runs reports, which are analyzed by a special team.

And though their efforts have been successful, this holistic approach to curbing unauthorized access into patient medical records did not happen overnight, Combs explained. 

“It's been many years in the making. We keep striving to improve, and we keep looking at our risk assessments, and we keep looking at our surveys, and we keep looking at our incidences and situations that do occur in the organization that drive us to change,” he said. “And I think that's one of the most important things: it's an iterative process. You can't just set up a program and walk away and expect it to run. It takes people that are dedicated, people that are focused and people who really care about the privacy and security of the patient's information.”


more...
No comment yet.