An estimated 1.84 million Americans have been victims of medical identity theft at one point in time, according to a new study by the Ponemon Institute.
However, less than 20 percent of the 788 self-reported victims surveyed reported their information was compromised by a data breach or a hacker. The victims usually knew what happened to their information — about 30 percent of respondents willingly shared their medical information to help someone else get care, and an additional 28 percent knew a family member took their credentials without consent to obtain medical treatment.
It's what Larry Ponemon, PhD, chairman and founder of the Ponemon Institute, calls a "Robin Hood crime," fueled by both the desire to help someone needing assistance and the view the real victim will be a much wealthier entity that will not notice the loss. "They think, 'Who am I really hurting?'" says Dr. Ponemon.
The answer is often themselves. "Most insured adults are completely unaware of the consequences of medical identity theft," says Robin Slade, a development coordinator for the Medical Identity Fraud Alliance.
Of all respondents, 43 percent had to make out-of-pocket payments to insurers to restore coverage, and 39 percent of respondents lost their coverage completely. The study reveals 36 percent of respondents say they spent money to resolve the consequences of medical identity theft. A total of $12.3 billion in out-of-pocket costs were incurred by these victims, money spent on medical services and medication during a lapse in healthcare coverage and reimbursements to healthcare providers to pay for services improperly rendered to others.
The victims faced medical consequences as well — 15 percent were misdiagnosed because of inaccuracies in their health records, 13 percent underwent the wrong treatment, 14 percent experienced a delay in treatment and 11 percent were prescribed the wrong prescription drugs.
"There really can be life-threatening consequences," says Ms. Slade.
Who are these Robin Hoods? The survey revealed those who purposely chose to share their health information tended to be slightly older (an average of 40.1 years compared with 36.4 years for those who did not share), from a lower-income household ($45,801, compared with $69,309), female (58 percent to 42 percent) and more likely to have government insurance than private insurance (31 percent to 21 percent).
Dr. Ponemon suggests the Patient Protection and Affordable Care Act may help curb the instance of family fraud. "When more people are insured, there's less incentive to go into a spouse's wallet and pluck out their insurance card," he says. However, "I'm not expecting a substantial decline," especially as healthcare reform requires more information centrally stored and an easier target for hackers.
Dr. Ponemon and Ms. Slade say healthcare providers need to understand the impact to their organizations and realize the importance of ensuring all patients are properly authenticated before delivering care.
"Healthcare organizations need to help get the information out," says Ms. Slade, as well as take additional steps to authenticate patients before treatment. "Easier said than done, I know. But it has to be part of a hospital's comprehensive risk management strategy.”
The report “really sheds light on the need for education,” says Dr. Ponemon. “Things can improve, but steps need to be taken."
More Articles on Medical Identity Theft:
White House Officials: PPACA Data Hub Ready for Launch
Industrywide Coalition Forms to Combat Medical Identity Fraud
FTC: Medical Lab Failed to Protect Privacy of 10K Patients