John Doe was a patient at your facility several months ago. Today you received a call from John Doe about a bill for the services provided. He says he was never a patient at your facility. He doesn't understand why he is receiving a bill from you and he is asking to see his medical record.
What should you do?
Mary Smith was a patient at your facility several months ago. You have just discovered that Mary's financial and health information, along with the information of hundreds of other patients, was obtained by an unknown person by hacking into your computer system. What should you do?
A patient comes into your emergency room and their identification documents identify him as Fredrick Summers. The patient doesn't look very much like the picture on the drivers license. The staff suspects the patient is not who he says he is. The problem is he needs emergency care. What should you do?
Identity theft has been called "the fastest growing crime in the history of the world". And there is no way to completely stop it.
If you ask around, you will be surprised at the number of individuals you know who have been a victim of some form of identity theft.
According to the Identity Theft Resource Center website - Identity Theft is a crime in which an impostor obtains key pieces of personal identifying information (PII), such as Social Security numbers and driver's license numbers, and uses them for their own personal gain. It can start with wallets, laptops, PDAs, or flash drives that are lost or stolen, pilfered mail, a data breach of a computer system, computer viruses, email phishing, a scam, or paper documents thrown out by you or a business (resulting in dumpster diving). This crime varies widely, and can include check fraud, credit card fraud, financial identity theft, criminal identity theft, governmental identity theft, medical identity theft and identity fraud.
Identity theft comes in many forms, including individuals who take advantage of a situation for their own gain, employees that have access to normally private information, organized crime looking to sell information for profit and even accidental release of information that either ends up in the wrong hands or is knowingly used improperly.
Because of the special nature of the information contained at healthcare facilities and the large number of individuals that have access to that information, healthcare facilities are ground zero for Identity Theft. No other business entity holds as much private personal, financial and health information about its customers in one place. The impact of a misuse of data from a healthcare facility can be devastating, long lasting and costly for patients (and the facility). It can literally take years for individuals to restore the impact of their stolen identity.
If you ask around, you will be surprised at the number of individuals you know who have either been a victim of some form of identity theft or know someone who has been. It is truly widespread and the problem is growing.
Organizations must take steps to protect themselves and their patients.
Put training and policies into action now to mitigate your risk and protect your facility.
Organizations should put policies, procedures and training in place to mitigate the potential damage of identity theft. The possibility of identity theft of your patient's information can never be completely eliminated. The best protection for your organization is to take reasonable precautions to safeguard the information and to educate your staff on what they can do to prevent identity theft. Some court cases have held organizations harmless when they had the proper policies, procedures and training in place despite a loss of sensitive patient data.
Hundreds of healthcare facilities have reported a data breach. Identity theft is real and is happening now. Put training and policies into action now to mitigate your risk and protect your facility. All healthcare facilities need to be aware that they are a target.
Share on Twitter
