[ Tuesday, September 02, 2014 ]


Health Care and Identity Theft: Interesting article.  But the premise that data breaches in healthcare equal ID Theft isn't true.  Much of reportable healthcare data breaches do not include any of the data useful for identity thieves.  When lab test results are sent to the wrong office, or a hospital can't locate a piece of computer hardware, or someone steals a laptop that is subsequently scrubbed clean so it can be resold, and in each case there is a name but no social security number, date or birth, mother's maiden name, etc., the chances of identity theft are very low.  But it's still a HIPAA breach, and reportable.

That doesn't lessen the fact that medical identity theft is a big problem, and carries huge, life-threatening risks.  The industry should follow the FTC Red Flags Rule and implement triggers to detect medical identity theft, and work efficiently to correct bad medical records that are left behind. 

Jeff [9:06 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template