Cybercriminals Now Targeting Medical Records

by Justin Weinger on April 23, 2014

We wrote a blog article about this topic in February but, as it continues to grow, we felt it was important to write another blog about it and make sure that all of our readers are aware of what’s happening.

With more than 15 million data breaches last year alone, medical identity theft is an enormous problem that keeps growing.

Cyber-security company Redspin reports that, since 2009, nearly 3o million Americans have their personal health information either breached or disclosed. Those 30 million were only the reported breaches to the US Department of Health and Human Services, and the number of actual breaches and disclosures is assumed to be much higher.

Now, lest you think that these cyber criminals are interested in prescription medications or medical conditions, you’d be wrong. What they’re targeting is billing and insurance records which contain valuable data like Social Security numbers, credit card info and addresses all in one convenient to steal place.

The Ponemon Institute, an information security policy research center, released a study recently showing that cyber-criminal attacks on healthcare organizations are up 100% in the last three years. Their first study in 2010 looked at patient privacy and data security and found that, of the people surveyed, nearly 20% had  experienced a breach of one kind or another. Their study of last year (2013) showed that the number had doubled to 40%.

“A financial identity can be worth $5 to $10 if you have all the info. A medical identity can be five to 10 times that amount just because (of) how easy it is to monetize that information once that bad guys get it,” said Robert Gregg, chief executive of ID Experts, a cyber-security firm that sponsored the Ponemon Institute survey.

Another security risk being posed is by medical professionals who access medical data through their mobile devices like smartphones and tablets. While 40% of survey respondents said that they rely heavily on cloud services for backup storage and file sharing, only one third reported that they were confident that their cloud, and the files in it, were secure.

“Health care is substantially behind the financial services industry in terms of protecting identities and it’s particularly concerning because these are the most vulnerable identities we’re looking at,” said Gregg of ID Experts.

What to do to protect your medical records

The statistics above are worrying, to say the least, and if you are wondering about what you need to do to protect your own medical records below are the “red flags” you need to be looking for.

  • Any bill for medical services that you didn’t order or receive
  • Calls from a debt collector about bills or medical debt that you didn’t initiate and don’t owe
  • Collection notices for medical procedures or any type of bill that you don’t recognize
  • Anything on your credit report that refers to medical collections that aren’t yours
  • A notice from your health insurance company saying that your  benefit limit has been reached when you’re sure that it hasn’t
  • If you’ve been denied medical insurance because of a condition that you don’t have

Any of the suspicious activities above should prompt you to quickly get in touch with your insurance company, your credit card company and your bank in order to make sure that your identity hasn’t been stolen and your personal accounts breached. Reporting the fraud to the three major credit reporting agencies, Experian, Trans Union and Equifax is also an excellent idea.



Previous post:

Next post: