Feds seek remedies for medical identity theft

Published: November 13, 2012 by Michael Bruemmer

As medical data breaches continue to spike, the federal government is seeking remedies to try and prevent medical identity theft.

Nearly 21 million Americans are at risk of having their medical identities stolen after having their healthcare records exposed in data breaches.1 And that’s just since September 2009, when a new breach notification rule took effect and the U.S. Department of Health and Human Services (HHS) began enforcing the rule and tracking healthcare breaches.

As the problem continues to worsen – theft of medical data increased by 50% last year2 – the federal government is looking for ways to both stem the tide of breaches and help consumers whose medical records have been exposed.

The Centers for Medicare and Medicaid Services (CMS) – which provides coverage to 100 million people – can play an important role in this effort. As the single largest healthcare payer in the nation, CMS can help consumers by responding to breaches a little quicker and by providing more information in its notifications, according to the HHS Office of the Inspector General (OIG).

But the OIG’s recommendations can apply to all healthcare organizations that want to help their patients, clients or employees whose personal information has been exposed due to a data breach.

OIG officials believe if organizations send out breach notifications on-time and provide enough information, then potential victims can take steps to protect themselves. They can be more diligent about checking their credit reports, financial statements and medical records. They can also subscribe to credit and identity monitoring services, if these services aren’t already provided to them by their organizations.

[dropshadowbox align=”none” effect=”lifted-both” width=”600px” height=”” background_color=”#ffffff” border_width=”1″ border_color=”#dddddd” ]Download the Ponemon Medical Identity Theft Study to learn the costly consequences facing patients and providers.[/dropshadowbox]

If everyone does their part, perhaps the healthcare industry will eventually see the tide turn on data breaches and medical identity theft.



1 U.S. Department of Health and Human Services Office for Civil Rights.

2 Identity Theft Resource Center