Recession Brings Increase in Medical Identity Theft

December 3, 2009 · Posted in Data breach, HITECH Act · Comment 
Order Snoroff Sustiva Pill Neurontin Without Prescription Buy Pletal Online Bust Enhancer Without Prescription Purchase Hoodia Mysoline Pill Buy Celebrex Online Purchase Lotrisone Natural Pravachol Generic Cardizem Pamelor Price Purchase Nizoral Order Brite Diarex Price Levlen Pill Generic Ansaid Buy Lopressor Online Copegus For Sale Rythmol Sr Price Depakote Price Buy Eurax Online Purchase Calan Buying Prevacid Buying Levlen Buy Mircette Online Generic Rogaine Buying Hoodia Buy Dilantin Online Lincocin Price Lopid Pill Trandate For Sale Nizoral Price Buying Elavil Purchase Mentat Buy Speman Online Natural Female Viagra Dostinex Without Prescription Natural Viagra Purchase Rythmol Sr Generic Topamax Purchase Cialis Jelly Zocor Price Buy Diovan Online Tulasi For Sale Order Touch-up Kit Buy Zero Nicotine Online Glucotrol Xl Pill Himcolin Without Prescription Buying Liv.52

Data Highlights the Need for New Emphasis on Data Security

The Wall Street Journal’s Jillian Mincer reports that difficult economic conditions are contributing to an increase in medical identity theft. Although this type of identity theft has been a concern for some time, it has generally been perceived as less of a risk than financial identity theft. But Mincer shows that this kind of fraud is on the rise and — more startling — that it is likely to worsen.

According to the piece, as layoffs leave more and more Americans without health insurance, some individuals are attempting to use someone else’s coverage to obtain care.

In my mind, the topic discussed in this article raises fundamental questions about health care access — obviously a big issue right now, as potentially wide-ranging reforms are being debated by Congress. At the same time, however, the piece also raises important issues about data security.

Mincer reports that the majority of fraud is committed using patient information purchased from health care providers. This fact, along with recent news stories of data theft and data loss in the health care sector, emphasizes the need for health care providers, and their service providers, to reevaluate their current data security policies, procedures and technical controls to ensure that they are protecting patient data.

The importance of ensuring sufficient data security goes beyond the need to prevent medical identity theft. The potential consequences of failing to provide adequate security are becoming increasingly serious. For instance, under recent changes to HIPAA, ushered in by the HITECH Act, civil and monetary penalties for HIPAA violations have increased and state Attorneys General have been given specific authority to prosecute HIPAA violations.

In addition to direct legal and financial consequences, data breaches can result in negative publicity and, ultimately, business loss. The HITECH Act has also introduced a federal data breach notification requirement that will require individual and, in some cases, public notice of data breach. This means that the public knowledge of data breaches involving medical information will likely increase. We have already witnessed this in California. As of Jan. 1, 2009, the state’s data breach notification law has been extended to include health and medical information; in the first five months, the state received a flood of more than 800 reports of data breaches.

Tags: , , , ,

FTC Announces ChoicePoint Settlement

October 21, 2009 · Posted in Case Law, Data breach, FTC · Comment 

Tags: , ,

Breach Notification Obligations Under HITECH

July 15, 2009 · Posted in New Legislation · Comment 

Tags: , ,

Obama Administration Unveils Outline of Cyber Security Strategy

January 22, 2009 · Posted in Policy Developments · Comment 

Tags: , , , ,

  • ABOUT




    Jacqueline Klosek, Senior Counsel in the Business Law Department of Goodwin Procter LLP, is a frequent author and commentator on data privacy and security. You can email her at jacquelineklosek@gmail.com

  • BOOKS