New Research Reveals More Than Two Million Victims Affected in 2014

Occurrence of medical identity theft incidents doubled in the last five years; Consumers left facing more than $20 billion in out-of-pocket costs

WASHINGTON, Feb. 23, 2015 /PRNewswire/ — The Medical Identity Fraud Alliance (MIFA), a public/private partnership committed to strengthening healthcare by reducing medical identity fraud, today released its annual study on the impact of medical identity theft.

The Fifth Annual Study on Medical Identity Theft, found the number of patients affected by medical identity theft increased nearly 22 percent in the last year, an increase of nearly half a million victims since 2013. In the five years since the survey began, the number of medical identity theft incidents has nearly doubled to more than two million victims. The study was released with support from Kaiser Permanente, ID Experts, Experian Data Breach Resolution and Identity Finder, LLC, and conducted by the Ponemon Institute.

“Over the past five years, we’ve seen medical identity theft steadily rising with no signs of slowing,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. “Our research shows more than two million Americans were victims of medical identity theft in 2014, nearly a quarter more than the number of people impacted last year.”

Medical identity theft is a national healthcare issue with potential to cause life-threatening and hefty financial consequences for consumers. According to the Fifth Annual Study on Medical Identity Theft, 65 percent of victims surveyed paid more than $13,000 out-of-pocket costs to resolve the crime.

“2015 will be a year of increased attention to the pervasiveness and damaging effects of medical identity theft. As we’ve already seen this year, the healthcare industry is and will continue to be a major target for hackers,” said Ann Patterson, senior vice president and program director at MIFA. “Stolen personal information can be used for identity theft, including medical identity theft and the impact to victims can be life-threatening.”

Noteworthy takeaways and key findings from the report include:

Medical identity theft is costly to consumers
Unlike credit card fraud, victims of medical identity theft can suffer significant financial consequences.Sixty-five percent of medical identity theft victims surveyed paid more than $13,000 to resolve the crime. In 2014, medical identity theft cost consumers more than $20 billion in out-of-pocket costs. The number of victims experiencing out-of-pocket cost rose significantly from 36 percent in 2013 to 65 percent in 2014.

Medical identity theft is a complicated crime
In the case of medical identity theft, victims are seldom informed by their healthcare provider or insurer. On average, victims learn about the theft of their credentials more than three months following the crime and 30 percent do not know when they became a victim. Of those respondents (54 percent) who found an error in their Explanation of Benefits, about half did not know to whom to report the claim.

Resolution of medical identity theft is time consuming and may never occur
Due to HIPAA privacy regulations, victims of medical identity theft must be involved in resolution of the crime. In many cases, victims struggle to reach resolution following a medical identity theft incident. Only 10 percent of survey respondents reported achieving completely satisfactory conclusion of the incident. Consequently, many respondents are at risk for further theft or errors in healthcare records that could jeopardize medical treatments and diagnosis.

Medical identity theft can cause embarrassment; negatively impact consumer confidence
Nearly half of respondents (45 percent) say medical identity theft affected their reputation in some way. Of those, nearly 90 percent suffered embarrassment stemming from disclosure of sensitive personal health conditions and more than 20 percent of respondents believe the theft caused them to miss out on career opportunities or lose employment.

Consumers expect healthcare providers to be proactive in preventing and detecting medical identity theft
Although respondents are not confident in the security practices of their healthcare provider, the vast majority (79 percent) of respondents expect their healthcare providers to ensure the privacy of their health records. Forty-eight percent say they would consider changing healthcare providers if their medical records were lost or stolen. If a breach does occur, 40 percent expect prompt notification to come from the responsible organization.

For a copy of the Fifth Annual Study on Medical Identity Theft, visit

About the Study
The Fifth Annual Study on Medical Identity Theft is based on survey research conducted in 2014, involving adult-aged individuals who self-reported they or close family members were victims of medical identity theft. The survey offers a detailed view of the complex issue of medical identity theft. Additional questions were added to the 2014 survey to expand the understanding of how victims were affected by the theft, the costs they incurred, and the actions they took to resolve the crime.

About Ponemon Institute
The Ponemon Institute is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors, and verifies the privacy and data protection practices of organizations in a variety of industries.

About Medical Identity Fraud Alliance (MIFA)
MIFA is an industry trade association of healthcare providers, payers and service provider stakeholders, working to help its members better protect consumers from medical identity theft and the resulting fraud. MIFA’s goal is to reduce the frequency and impact of medical identity fraud through research, public-private collaboration and information sharing. MIFA members provide leadership to: mobilize the healthcare ecosystem; cooperate to leverage collective power; research to adequately understand the problem and guide solution building; educate consumers, industry, legislators and regulators; and empower individuals to be the first line of defense in protecting their Protected Health Information (PHI). More information can be found at

Media Contacts:
Leah Motz
[email protected]

Ann Patterson
Medical Identity Fraud Alliance
[email protected]

Westgate Blue Tree Resort