The December 2022 issue of IEEE Spectrum is here!

Close bar

Electronic Health Records: Becoming A Boon To Data Thieves?

Study Claims that Medical Data Theft Rises as EHR Use Expands

2 min read
Electronic Health Records: Becoming A Boon To Data Thieves?

There was a story recently in InformationWeek that says that a study conducted by Javelin Strategy & Research, a  California-based market research firm indicates that more than 275,000 cases of medical information theft occurred in the US last year. This was a 112% increase over that reported in 2008.

James Van Dyke, president of Javelin Strategy & Research, is quoted in the InformationWeek story as saying, "There's more identity fraud of any kind being generated from exposure to health records which [have] particularly sensitive information."

Furthermore, Mr. Van Dyke says he expects that as electronic health records (EHRs) become more widespread, medical fraud will increase. He also believes that medical providers don't have the skills or in-house capability needed to keep EHRs as secure as they need to be.

Mr. Van Dyke echoes the concerns of several organizations that I blogged about last month.

In addition, Mr. Van Dyke points out that unlike stealing a person's driver's license or credit card, the personal information contained in an EHR (e.g., social security number, medical insurance number, credit card or other payment information, prescriptions, etc.) allow data thieves the opportunity to commit several types of frauds instead of just one. Because of this, data thieves are increasingly targeting medical records and by implication, EHRs.

The study, says InformationWeek, says that once medical information is stolen, it is used fraudulently for an average of 320 days as compared to 81 days for other types of identity theft. The reason why wasn't stated in the story, but I assume that credit card companies and the like have much more sophisticated fraud detection systems in place in comparison to health insurance companies or the government health payers like Medicare or Medicaid. Medicare fraud using stolen identities is common and there has been a historic lack of funds to fight it.

Furthermore, the study found that the average cost of medical information fraud is some $12K, more than double that of other identify theft.

Not having seen the study myself, I can't tell how much of the increase in medical fraud is directly due to an increase in the use of EHRs themselves. While there may be a correlation, I am not convinced of their causation - yet anyway.

The Conversation (0)

Why Functional Programming Should Be the Future of Software Development

It’s hard to learn, but your code will produce fewer nasty surprises

11 min read
A plate of spaghetti made from code
Shira Inbar

You’d expectthe longest and most costly phase in the lifecycle of a software product to be the initial development of the system, when all those great features are first imagined and then created. In fact, the hardest part comes later, during the maintenance phase. That’s when programmers pay the price for the shortcuts they took during development.

So why did they take shortcuts? Maybe they didn’t realize that they were cutting any corners. Only when their code was deployed and exercised by a lot of users did its hidden flaws come to light. And maybe the developers were rushed. Time-to-market pressures would almost guarantee that their software will contain more bugs than it would otherwise.

Keep Reading ↓Show less