[ Friday, March 04, 2005 ]
I haven't discussed this much since it's pretty peripheral to HIPAA and covered pretty extensively elsewhere, but I ought to mention the theft of subtantial amounts of personal (primarily financial and identifying) information from the data aggregator ChoicePoint. Here's
Like the TriCare problem (when someone stole a lot of their computers, computers which held personal and medical information on CHAMPUS health benefit recipients), the issue starts with the improper access of information held by a data company, and quickly morphs into an issue of whether the data company should have all that information, or should hold it more closely.
It seems that the big risk with the ChoicePoint problem is that we may see a slew of identity theft cases stem from the use of the information. But the fix to that should be some reformation in the way victims of identity theft can get their good name back: creditors who became creditors of the identity thief rather than the victim should be forced to remove adverse credit reports and otherwise cut loose the victim, and the victim should be given a way to easily invoke and/or prove that he/she is a victim. Ultimately, the best fix is to but the burden on the beneficiaries of the information aggregation. Maybe, just maybe, that would result in fewer credit card applications in my mailbox.
Jeff [10:45 AM]
Blogger: HIPAA Blog - Edit your Template