Twenty-eight percent of the time, a family member took the personal identification or medical credentials without consent. Most of the remainder of the incidents of medical identity theft stemmed from personal information having been stolen, either through a data breach or an employee in the healthcare provider's office stealing it, though 14% claimed they "don't know" how it happened.
Survey respondents said they found out they were medical identity theft victims either when they somehow uncovered mistakes in their health records or saw errors in statements from health insurers and providers, or even a collection letter demanding payment. It sometimes led to an "adverse entry" on the their credit report.
Only 43% of the time is any crime reported, either because the victim knows the thief or they think the police would be of no help. Just over a third said they were "not harmed by the incident and didn't want to make it a big deal."
"Individuals rarely take steps to check their medical records," the survey report notes. The survey suggests obtaining copies of records from the healthcare provider and checking the accuracy of forms sent by insurance companies.
The survey report concludes that medical identity theft is largely a "family affair" that results from sharing or stealing of personal identification among those people they know. This isn't a new situation, the report acknowledges, but it brings real medical risks and financial consequences. The survey admonishes the government and healthcare organizations to "improve their authentication procedures to ensure imposters are not obtaining medical services and products."
Sign up for CIO Asia eNewsletters.