By Megan Williams, contributing writer
Medical identity theft is the topic of a recent Ponemon Institute study (available for free, by request, here). The fifth annual study was sponsored by the Medical Identity Fraud Alliance and supported by Kaiser Permanente, Experian Data Breach Resolution, and others.
Your healthcare IT clients will find this study most interesting from the perspective of cost to them, and how their patients react to perceptions of the safety of their information. This article covers highlights from the report.
Medical ID Theft Costs
This is an area that differs greatly from credit card fraud. A majority of medical identity theft victims find themselves paying an average of $13,500 to resolve their issues, including payments to the provider, insurance companies, and obtaining identity service providers, and legal counsel.
Medical identity theft also differs from credit card theft in the area of complexity. When medical identities are stolen, providers seldom inform victims of the theft. When they do find out, it’s usually more than three months after the crime, and a full 30 percent don’t know when they were victimized. Additionally, 54 percent of respondents didn’t know who to report errors found on their explanation of benefits (EOB).
HIPAA Slows Down Resolution
Because of Health Insurance Portability and Accountability Act (HIPAA) stipulations, victims of medical ID theft have to be involved in resolving the crime, and according to the study, it’s neither a pleasant, nor fruitful process. Only 10 percent of respondents reported a completely satisfactory conclusion to their issues.
Reputations Are At Stake
Almost half of respondents said that their reputation was affected in embarrassing ways because of the disclosure of sensitive information. More severely, 19 percent said it caused them a loss of career opportunities, and 3 percent said it caused them a loss of employment.
Patients Hold Providers Responsible
While generally low confidence levels were reported, 79 percent of respondents said it was important for providers to protect their information. Almost half (48 percent) would consider changing providers if their records were stolen or lost. Patients also expected prompt notification in the case of a data breach.
The survey also includes additional information, including the increase in vulnerability due to the ACA, victim expectation of compensation, and the rapid growth rate in medical ID theft over the last five years.