Identity thieves target electronic medical records

McLEAN, Va. Doctor’s offices, hospitals and clinics have become hot places for identity theft as people become more sophisticated and hack private electronic medical files, according to USA Today.

Legal experts say lawbreakers use medical information to get credit card numbers, drain bank accounts or falsely bill Medicare and other insurers.

Marc Rotenberg, executive director of the Electronic Privacy Information Center, says attention on identity theft has focused on how easily criminals can get financial records. “Now we’re moving into an era where many of those same problems occur with medical records,” he says.

In Florida last year, a front-desk coordinator at the Cleveland Clinic was convicted of identity theft, computer fraud and other charges after downloading patient information and selling it to a cousin, who submitted more than $2.5 million in phony bills to Medicare.

In a recent survey of 263 health care providers, 13 percent said their facility had experienced a data breach. Of those, 56 percent said they notified the patients involved, according to the survey by HIMSS Analytics, a non-profit data analysis firm, and Kroll Fraud Solutions, which offers security-related services.

In January, California began requiring that consumers receive notice when their medical information is improperly accessed. It is only the second state, besides Arkansas, to do so, Dixon says.

Similar legislation, written by Sens. Patrick Leahy, D-Vt., and Arlen Specter, R-Pa., is being debated in Congress.