Scarier Than Zombies: Medical Identity Fraud Should Terrify You This Halloween

This Halloween, amidst the candy chomping, pumpkin carving, and costume wearing, the word "scary" will probably evoke images of zombies, vampires, and other monsters. While they can't hurt us in reality, we thought we'd focus on something that's not only truly terrifying, but real: data breaches. Like movie monsters, not all data breaches are created equal. One of the most horrifying types of data breach – if not the most traumatic – involves personal medical data. The worst a zombie can do is rise from the dead to feast on your flesh; healthcare data thieves, on the other hand, can not only imperil your life, but wipe out your finances – a fate almost worse than death.

According to a 2013 study conducted by the Ponemon Institute and the Medical Identity Fraud Alliance, in 2013 there were approximately 1,836,000 victims of medical identity theft in the United States alone, while the rate of medical identity theft among the adult U.S. population increased from 0.68 percent in 2012 to 0.82 percent in 2013. This change represents a 19 percent increase in the rate of medical identity fraud over the prior year. Additionally, half of respondents were not aware that medical identity theft can lead to inaccuracies in their permanent health records, potentially leading to incorrect treatments and medications that could put patients' lives at risk.

Since the 2013 Ponemon Institute study was released, things have only gotten worse. In April 2014, the FBI released a private industry notification noting that cyber attacks against healthcare systems are set to increase in the future. The agency cites three primary reasons for the increased likelihood of attacks:

  • The mandatory transition from paper to electronic health records;
  • Lax cybersecurity standards; and
  • Higher financial payout for medical records in the black market.

When it comes to protecting our identity and finances, we're always told to focus on our Social Security numbers. As all seniors on Medicare know, protecting your Social Security number is not a separate issue from protecting your health data, because your Medicare number is in fact your Social Security number. And while Social Security numbers can yield a dollar or less on the black market, a June 2014 Politico article notes that "a full identity profile contained in a single record can bring as much as $500."

Anyone willing to pay $500 or more for your personal Medical information is planning on making many times that amount through fraud. And while the financial impact can be devastating (imagine receiving thousands of dollars worth of bills for treatment that you never received), the potential damage to your health is even more terrifying. It is possible to imagine a criminal using and modifying a victim's health record to receive prescription painkillers without the patient's knowledge, which could then result in deadly drug interactions when later medications are prescribed to the legitimate patient based on incorrect information.

Two more things to keep in mind. First, there is no standard, established legal process through which individuals can remedy any damage their health records may have received due to fraudsters. Which means that rectifying your healthcare records will most likely be much more complicated than simply ordering a new credit card. And second, Justice Department officials in 2009 estimated that Medicare fraud alone accounts for some $60 billion every year. Approximately half of that fraud could be eliminated through adoption of secure smart cards for Medicaid, yet the House and Senate have dragged their feet and allowed that massive fraud figure to grow year after year. Combine the confusion, financial fraud, and potential danger to your health, and we are left with something that is just plain scary.

Add comment

Security code

Learn How