The Medical Identity Fraud Alliance (MIFA) and the Ponemon Institute released their fifth annual study on Medical ID fraud.
Short version of the results: It is very costly, time consuming and complicated for consumers to resolve medical ID fraud and only 10 percent of the respondents to the study report achieving a completely satisfactory conclusion to the incident.
A copy of the report is available from Ponemon at this address.
Some of the report’s key findings are:
- 65% of the medical ID theft victims had to pay an average of $13,500 to resolve the crime.
- Only 10% of respondents reported achieving a completely satisfactory conclusion to the incident.
- Those who resolved the crime spent an average of 200 hours to resolve the issue
- Many respondents felt that medical ID fraud had a negative impact on their reputation due to having to discuss very personal subjects with a variety of people.
The report, about 40 pages long, has some interesting specifics as well –
- 68% of the respondents are not confident that their health care providers security measures will protect their medical records.
- About half of the respondents think that electronic health records (mandated by the ACA) increases their risk of being a medical ID victim.
- In case of the theft of a respondent’s medical records, 80% want to be reimbursed for costs, 40% want the organization to notify them promptly and 28% want the organization to provide medical ID theft protection.
NOTE: organizations are not legally required to reimburse you (you can try to sue them) and there is no such thing as medical ID theft protection. This is all very different than credit card fraud and likely part of the reason that stolen medical records are extremely profitable to crooks.
- While the rate of medical ID theft is relatively low (about 1% of the respondents), it has doubled in the last 5 years.
- Approximately 60% of the respondents said their medical ID was stolen to get treatments, prescriptions or obtain government benefits.
- 53% of the respondents said that a provider’s negligence caused or contributed to the theft while 30% were unsure. Only 17% did not think the provider was part of the problem.
- 47% of the respondents said that either a family member used their ID without permission or they shared personal information with someone they know (50/50 split), so a large part of the crime – but only half – is committed by someone the victim knows.
- 69% of the respondents are either not familiar with or never heard of HIPAA and the privacy standards – even though everyone has to sign a HIPAA statement prior to getting healthcare.
- Lastly, when asked why they don’t check their health records for accuracy, the respondents answered this way: 53% did not know how to, 39% trust their provider to do it, 35% said their records are not easily available, 33% said it never occurred to them and 25% said they didn’t care.
The last bullet is the most telling one, which puts medical ID fraud where credit card fraud was about 40 years ago.
Hopefully, we can make up the gap in less than another 40 years.