Recently I addressed the importance of having plans in place to protect personal health information in light of the sharp increase in healthcare data breaches.  Unfortunately, research studies are finding that incidents of fraud resulting from exposed healthcare data are on the rise. A recent Javelin Strategy and Research study noted that fraud resulting from exposed health data has more than doubled over the past year.

This sharp spike is due to the extensive personal information available on an individual’s health record.  According to a recent RSA Online Fraud Report, the types of fraud that can be committed using full information profiles are limitless. Not only is the individual a potential victim, the healthcare providers, insurers and the pharmaceutical companies are as well.

The RSA Report sites examples where a cybercriminal steals personal health information (PHI) to file false patient claims to an insurer.  A second example includes making false prescription orders to fuel the underground prescription drug trade.  Unfortunately, the consumer whose PHI is being abused may incur damages beyond being a victim of someone stealing their medical information.  Consumers may come under criminal investigation for defrauding the insurer or buying prescriptions illegally.  That doesn’t sound fair, does it?

It is of paramount importance to develop policies to deter and detect data breach threats.  However, it is of equal importance to keep customers informed of how to protect their health privacy themselves. National Cyber Security Awareness Month begins October 1 this year. Please consider informing your clients and customers of how they can remain safe online.