As the number of data breaches at hospitals and medical offices grows, more Americans are becoming aware of the dangers surrounding medical identity theft. This type of theft is the fastest-growing form of identity theft and poses both financial and medical dangers to victims.
While identity theft relating to credit and debit cards may cost the victim an average of $4,800, medical identity theft, despite being more rare, tends to cost individuals upwards of $12,000, according to Public Radio International. Medical identity thieves can use a victim's information to submit fraudulent insurance claims, obtain Social Security and financial data, or obtain goods and services such as medication and procedures under another patient's name.
Medical identity theft can do a greater deal of damage to a consumer's credit than standard identity theft because it is much more difficult to detect, as individuals do not check their medical records as regularly as they check their credit card and bank statements, according to the PRI. The PRI article wrote of one man who did not uncover the theft of his medical records until he examined his credit report before purchasing a home and discovered an unpaid medical emergency charge amounting to $19,000.
The transfer of patient data to a national electronic records database system may also exacerbate the issue of medical identity theft if security measures are not implemented and followed. Bloomberg writer Margaret Collins told PRI that individuals can reduce their risk of medical identity theft by obtaining a copy of their insurance claims file on an annual basis. Requesting a copy of an individual's medical records following doctor's appointments may also be beneficial to both ensure they were not charged incorrectly for their visit and to retain a copy to show law enforcement in the event of a theft, Collins told PRI.
Due to the increasing risk of identity theft in the U.S., the Federal Trade Commission has instituted a Red Flags rule that is expected to go into effect on January 1, 2011. The rule will require certain industries, including medical institutions, to establish procedures for detecting and resolving identity theft. However, the American Medical Association is currently suing the FTC for exemption from this rule, claiming that they do not fall under the language of the law, which mandates that "creditors" comply with the Red Flags measure.