Guest post written by Bob Gregg
Bob Gregg is CEO of ID Experts, a provider of computer data breach response services.Bob Gregg
The Supreme Court’s decision to uphold the Affordable Care Act could guarantee health insurance coverage for the majority of the 50 million Americans who are now uninsured. While laudable in theory, this legislation doesn’t account for the strain these millions of new patients will have on an already overburdened healthcare ecosystem, especially when it comes to patient privacy and data security.
Our country loses up to $234 billion a year on healthcare fraud – acts of deception for illegal gain, usually financial. If I add that statistic to the $41.3 billion cost of medical identity theft – using another’s medical identity to obtain medical goods and services—it totals well over a quarter of a trillion dollars.
Two factors will make the problem exponentially worse.
First of all, the newly insured encompasses populations typically more vulnerable to scams and theft. This is especially true for citizens eligible for Medicaid under the federal expansion plan.
The second factor is the digitization of every American’s health record by 2014 as well as the adoption of health information exchanges. Not that long ago, a data breach in healthcare meant a nurse showed your file to an unauthorized person. With electronic health records, we now routinely see breaches of a million, three million, up to five million patients…in a single breach.
My friend, Dr. Deborah Peel, founder of Patient Privacy Rights, tells me that “patients have no control over who sees or sells personal health information. Our health data is held in hundreds or thousands of places we have never heard of because of hidden data flows.” Thousands of people, including researchers and government agencies, she says, have easy access to this information.
The net result: a lot of people we don’t know will have simple, unprotected access to nearly every American’s health information, including these “untapped” vulnerable citizens.
In my mind, that raises four major issues—issues that nobody wants to talk about.Increase in Medical Identity Theft.
Lower-income individuals about to receive insurance under the Affordable Care Act are an ideal “target market” for medical identity thieves and fraudsters. Stealing medical identities to obtain medical goods or services is shamefully easy. And victims are often enablers. The Ponemon Institute’s Third Annual National Study on Medical Identity indicates that 65 percent of individuals surveyed would share their medical identity with others. That’s like handing over your wallet to a stranger and saying, “Help yourself.”
Some say if everyone has insurance there will be no incentive to steal another person’s medical identity. That’s like saying if everyone has a job there will be no more stealing. There will always be good coverage plans, great plans, and lousy plans. If your insurance plan only covers the bare minimum, why not steal an insurance card that covers everything?Increase in Fraudulent Activity
Healthcare fraud covers a wide range of illegal activity, from billing for services not rendered to altering medical diagnoses to justify payment for unnecessary procedures. To combat this multi-billion dollar problem, health plans pass the cost on to patients in the form of higher premiums and rates.