Another health care data breach

Posted by in Data Breach, News.

The parade of hackings at major health care providers continues with the recent announcement of a data breach at UCLA Health System affecting 4.5 million people.

The compromised information is a treasure trove of personal data for identity thieves. It included names, Social Security numbers, medical records, ID numbers and addresses. But, as I always say, things aren’t as bad as you think – they are far worse. The stolen data was totally unencrypted making the threat to the people whose data was in the UCLA Health Systems computers more serious.

Medical identity theft can not only result in your finances being threatened; the mixing of medical records of the identity theft victim with the medical records of the identity thief utilizing the same medical insurance can potentially be deadly, such as when a person might receive the wrong blood type for a blood transfusion. Compounding the problem is the fact that it is extremely difficult, and sometimes impossible, to remove the identity thief’s medical information from the victim’s medical records after the problem has been discovered, due to quirks in the medical privacy laws.

Medical identity theft is a bad problem that is only getting worse. While credit card identity theft financial liability is limited by federal law to $50, the majority of victims of medical identity theft paid an average of $13,500 to resolve the crime. In addition, according to the Ponemon Institute’s Fifth Annual Study on Medical Identity Theft, “In many cases, victims struggle to reach resolution following a medical identity theft incident. In our research, only 10% of respondents report achieving a completely satisfactory conclusion of the incident. Consequently many respondents are at risk for further theft or errors in healthcare records that could jeopardize medical treatments and diagnosis. Those who resolved the crime spent on average more than 200 hours on such activities as working with their insurer or healthcare provider to make sure their personal medical credentials are secured and can no longer be used by an imposter and verifying their personal health information, medical invoices and claims and electronic health records are accurate.”

Click here to read the full article.

July 25, 2015 by Steve Weisman, USA Today

21CT
AARP Logo
ACCProsLogo100x100x72
Aetna
AMS logo
LogoHorizfromEPS_72dpi
BCBSA Logo
CareFirst BCBS
Center for Identity Management and Information Protection logo
ClearwaterCompliance logo
Coalition Against Insurance Fraud
CFA Logo
csid
emdeon logo
Europ Assistance
Experian Logo
Florida Blue
HFHS Logo
IDE-Logo-Transparent 250x100
Identity Fraud Institute at Hodges University
ITRC Logo
IDologyLogo2014-400_229x75x72
IDT911_notag_200x52
ISSA-Logo-Color-slider
kaiser permanente logo
LifeMedId logo
maize analytics logo
MDCVRC Logo
Meditology Logo
NHCAA Logo
norse-mifa-Slider
North-Shore-LIJ-Logo
Parry Advisory
Patient-Secure-Logo
Paycasso-logo-Strap-150x106x72
SIDC-LogoWeb150x72
Smart-Card-Alliance-Logo
Stoel Rives
TraitWare Logo
UnitedHealthcare
U.S. Department of Labor
U.S. Department of Veterans Affairs