HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Results of 2013 Medical Identity Theft Survey Released

The Ponemon Institute has published the results of its 2013 Survey on Medical Identity Theft. The survey, sponsored by the Medical Identity Fraud Alliance (MIFA), aims to discover the extent of medical identity theft in the U.S and its impact on the healthcare industry and consumers. The annual survey can be used as an indicator of the prevalence of medical identity theft in the United States and also to identify trends and gauge how effective HIPAA regulations have been.

Medical Identity theft is a growing problem which has grave implications for both healthcare organizations and consumers. Data breaches carry heavy penalties for healthcare organizations if appropriate measures to protect electronic health records of both employees and patients have not been employed.

Data analysis of the survey data suggests up to 1.84 million U.S. citizens have now become victims of medical identity theft and have had to cover $12 billion in costs and expenses as a result of the theft or inappropriate use of their medical data.

The problem is not limited to finances as medical identity theft can have life-threatening consequences. When faced with having to cover the debts run up by thieves, the victim’s health can suffer considerably; however when stolen social security numbers are used by thieves to obtain prescription medications or to make false medical claims, the details of those prescriptions and illnesses are added to a patient’s records. This potentially affects all further medical services received by the legitimate patient.

Please see the HIPAA Journal Privacy Policy

The survey showed that over half of consumers were unaware of how medical identity theft can result in misdiagnoses of illnesses and receiving incorrect treatments, while half of the people surveyed had not taken steps to protect their identities and secure their medical information. In many cases this was due to not knowing how to.

The survey was conducted on self-reported victims of medical identity theft and close family members and the key findings are listed below:

Medical identity theft is on the rise

Consumers had to cover $12.3 million in out of pocket expenses and the socioeconomic problems that medical identity fraud causes are considerable. As a result of identity theft, over half of the survey respondents had lost faith in their healthcare provider and 57% would change provider if they believed their data was not being properly protected.

Majority of consumers are unaware of the problem

Half of survey respondents were unaware of the implications that medical identity theft could have on their health and how changes could be made to their medical records which could result in incorrect medical diagnoses and receiving incorrect medications, potentially capable of permanently damaging health or causing loss of life.

The health of medical identity theft victims is being affected

The survey asked questions on diagnoses and treatments received and found that 15% had received a misdiagnosis, 13% an incorrect treatment, 14% had treatment delayed and 11% were prescribed incorrect medication due to medical records being altered as a result of identity theft.

Not enough consumers are taking steps to protect their identities

Only half of consumers have taken measures to protect their identities, such as using credit monitoring services or checking their Explanation of Benefits (EOBs). 54% did not check their health records due to a lack of trust in their healthcare provider or not knowing how to check records. 54% also failed to check EOBs. Of those who did find odd entries in their records, 52% failed to take any action or query them with their healthcare provider.

PHI is being shared with family members to obtain medical services

The sharing of PHI with family members is a problem which could place cause serious health issues. Nearly a third of respondents had shared personal information with family members in order to obtain treatment or medical services and a fifth could not remember how many times they had shared that information. The survey suggests that in a substantial number of cases, reported medical identity theft is the result of accidental disclosure of personal health information to a friend or family member. 48% of respondents claimed to know the perpetrator of the fraud and did not want to report the person to the authorities.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.