RSA: Identity Theft Challenges for Healthcare

Tony Kontzer reports:

The phenomenon of medical identity theft is on the rise, and healthcare companies face more challenges in addressing the issue than their counterparts in the financial services industry, a panel of experts agreed Thursday at the RSA 2010 conference in San Francisco.

The Federal Trade Commission estimates the number of American patients victimized by medical ID theft each year at 250,000, and research firm Javelin Group recently reported that while the number of incidents is relatively low in comparison with financial identity theft, the financial impact of medical IT thefts is much higher because of the astronomical costs of medical care.

Ryan Brewer, chief information security officer for the Centers for Medicare & Medicaid Services (CMS), said the financial industry has done a good job of dealing with this, in part by sending the all-too-familiar letters alerting customers of suspected data breaches and re-issuing affected credit cards. Such simple actions won’t work for healthcare firms, Brewer said. “How often have you gotten a letter from a healthcare provider saying, ‘We had some data stolen, and we’re issuing you a new blood type’?” he asked.

Read more on CIO Insight.

About the author: Dissent