Tag Archive for: healthcare data security

Posts

5 Tips for Preventing Medical Identity Theft in Healthcare

July 22, 2020/14699 views / 0 Comments/in BLOG, Clinical Efficiency, Connected Health, COVID-19, Cybersecurity, Data Breach, Data Integrity, Facial Reciognition, Health Care, healthcare, Infection Control, Iris Recognition, Medical Identity Theft, Patient Errors, Patient Experience, Patient Identification, Patient Matching, Patient Outcomes, Patient Safety /by Ryan Stephens

Hospitals, medical centers, and physicians’ offices are not only places where patients should feel safe about getting the right medications, but it should be a place where they also feel safe with their sensitive information. Unfortunately, with the rise in the number of healthcare data breaches, the market is even riper for medical identity theft. Over 41 million patient records were breached in 2019 alone and the majority of them were associated with hacking or cyber attack-related incidents.

Preventing medical identity theft has been one of the top priorities, yet many organizations still rely on antiquated patient identity management solutions. Many leading hospitals, namely, Terrebonne General Medical Center and The University Healthcare System have been successful in preventing medical identity theft and benefitted in many other ways since using RightPatient. Other benefits include eliminating duplication of medical records, improving patient identity matching rates, clinical efficiency, and boosting the overall revenue cycle. But what about medical identity theft? How are patients affected by it? What are the ways for preventing medical identity theft? Let’s find out.

What is Medical Identity Theft?

Medical identity theft occurs when a fraudster uses someone else’s personally identifiable information (e.g. name, DOB, Social Security Number, health insurance number) to fraudulently receive medications or services, including attempts to falsify medical billings. The healthcare industry would have billions of dollars in surplus if all healthcare providers could prevent medical identity theft. This crime involves the fraudulent use of someone’s health insurance information to obtain reimbursement for healthcare-related services provided to a person not covered by the policy. This is one of the most common reasons for the rise in the numbers of claim denials. It affects revenue integrity and requires organizations to put in more strenuous efforts and resources to identify and resolve the problem throughout the revenue cycle management.

How are patients affected by medical identity theft?

Patients may not be able to afford the cost: Financial consequences for the victims of medical identity theft can exceed the cost of credit card fraud. According to a study conducted by the Ponemon Institute, medical identity theft can cost an average American $13,500 to resolve.

Victims may not be aware of their information being stolen: In most cases, insurers or healthcare providers rarely inform the patients about the crime. In general, victims are completely unaware of when they became a victim and learn about the theft of their credentials about three months after the crime has occurred.

Reputations can be on the line: Found in many studies, victims said that their reputation was affected because of medical identity theft due to disclosure of personal sensitive health information. Many respondents believe they missed out on good career opportunities due to identity theft. Some said it resulted in the loss of their job.

5 Tips for Preventing Medical Identity Theft

Invest in modern patient identity management technology and software

With the transition of paper-based patient’s records to electronic-based record-keeping systems, it is necessary to invest in modern technology and software for preventing medical identity theft. For better security and matching rates, many healthcare providers have adopted RightPatient – a leader in touchless biometric patient identity management solutions. With RightPatient, healthcare providers can verify patients’ identities and protect access to medical records. RightPatient does not only help in preventing medical identity theft but it also drastically improves patient matching rates and eliminates the creation of duplicate records.

Just as facial recognition or iris scanning techniques are used in smartphone devices today, this platform uses similar biometric techniques in a healthcare setting for authenticating and verifying an individual’s identity. RightPatient uses an individual’s iris pattern or photos of their face to lock their medical records. Each time a patient arrives at the continuum of care, the platform will scan their iris pattern or photos of their face to authenticate their identity and retrieve their correct medical records. With secure-log-in monitoring, fraudsters will be instantly denied when they try to gain access to medical records by assuming someone’s identity.

Automating the patient registration and enrollment process

Automating the patient registration and enrollment process can eliminate the hassle of a long, complicated registration process, save valuable time and resources, and reduce errors at the same time. Criminals can easily obtain or use someone else’s common identifiers, such as names, SSNs, and DOB for fraudulent use. Many times common identifiers have also been the main cause of the creation of duplicate identities or record mismatching. Paper-based records are also vulnerable to how easily they can end up in the wrong hands. With RightPatient, transitioning to an automated patient enrollment system will be seamless.

Streamline workflow and maintain compliance

Protected health information (PHI) is like a treasure box for cybercriminals and thieves. PHI contains valuable sensitive information and can easily be worth more than credit card numbers on the black market. This is why the Health Insurance Portability and Accountability Act (HIPAA) was established to ensure confidentiality, integrity, and availability of PHI. HIPAA requires healthcare organizations to implement appropriate safeguards to better protect patients’ information so it doesn’t end up in the wrong hands. Maintaining compliance with HIPAA can be quite strenuous, but organizations can use HIPAA compliance software to streamline their compliance efforts and reduce administrative burden. Adopting the best security practices to limit unauthorized access or disclosure of patient information is crucial for preventing medical identity theft.

Robust bring your own device (BYOD) and network access policy

Personal devices should be secured before accessing a patient’s information across the network. A proper BYOD policy must be developed and maintained. For instance, is it safe for employees to bring company-issued devices back home? Many times, thieves get access to sensitive information when devices such as laptops, tablets, or smartphones get stolen from the office, home, or even from a car. Hospitals should also install a separate internet wi-fi network for visitors and patients to restrict access to the organization’s internal network.

Educate your employees and patients and instill a culture of best privacy practice

Not all data breaches are malicious – human error is inevitable. From emailing sensitive data to the wrong person to accidentally posting on social media or leaving a laptop open, information can be disclosed in many ways. It is essential for healthcare providers to conduct proper training and educate their staff members, working in any capacity with medical information on how to handle and access PHI in an appropriate manner and identify suspicious behaviors for preventing medical identity theft. Training can be easily streamlined using applications.

Many hospitals always strive to do their best when it comes to securing patient information. The occurrence of medical identity theft is unfortunate but isn’t rare at all. Hospitals should also advise patients and encourage them to keep their sensitive information safe and be cautious when sharing sensitive information.

Preventing Medical Identity Theft with RightPatient

Even during this COVID-19 national emergency crisis, medical identity theft is continuously becoming a great threat to the safety of patients and healthcare providers. Besides being the leader in patient identity management, RightPatient offers completely touchless biometric modules for patient identification. With RightPatient, healthcare providers can easily prevent medical identity theft and improve patient safety along with hygiene in a facility by removing physical contact, thus, limiting the spread of contagious diseases.

Healthcare Data Breaches can lead to Medical Identity Theft

May 7, 2020/5730 views / 0 Comments/in BLOG, Data Breach, healthcare, Medical Identity Theft, Patient Identification /by Ryan Stephens

As per The Health Information Technology for Economic and Clinical Health Act (HITECH) requirement, breaches that expose protected health information (PHI) affecting 500 or more individuals must be listed. The Breach Reporting Tool of Health Insurance Portability and Accountability Act (HIPAA), reveals that 26 new incidents were added to the portal at the end of March 2020. These incidents are all related to healthcare data breaches.

The security incidents in the portal list are currently under investigation by the Office of Civil Rights (OCR). It has been reported that out of 26 incidents, 13 were caused by hacks or other IT related incidents, affecting 338,334 individuals. Other noteworthy healthcare data breaches affecting 44,592 individuals were caused by theft, loss, and unauthorized access or disclosure of information.

Healthcare data breaches have had a sustained impact on the quality of delivery care and have made healthcare providers more prone to medical identity thefts. Healthcare data breaches are becoming a pressing concern for providers and there’s no sign of the data breaches slowing down.

How do criminals capitalize on stolen personal health information?

Personal health information (PHI) is any information or data entry that can identify an individual. PHI includes sensitive information such as names, addresses, Social Security of Medical Insurance numbers, information about beneficiaries, financial details including account numbers, and diagnostic images. This type of information can be created or collected by your health plan providers, employers, healthcare providers, or other healthcare entities.

Medical records are not only highly sought out by criminals but are highly desired on black markets too. This kind of information can sell for as much as $1000, depending on the amount of the victim’s information is available. Cyber thieves and criminals can later use stolen healthcare records and they plot illegal schemes, such as medical identity thefts.

How can healthcare providers mitigate negative outcomes?

Healthcare data breaches and medical identity thefts are wreaking havoc on revenue cycle management of hospitals by increasing operational costs and negatively impacting patient experience.

To reduce the risk of healthcare data breaches, hospitals need to implement adequate security measures as per the HIPAA Privacy and Security Rule requirement. In addition to the Security Rule, covered entities are required to issue notifications to affected individuals in the event of breaches to unsecured protected health information, as per The HIPAA Breach Notification Rule. Healthcare providers can use a HIPAA compliance management solution to simplify their administrative operations.

When hospitals adhere to the HIPAA rules effectively, it means they are using appropriate safeguarding measures to keep their protected health information secure. As a result, their networks and devices will have increased protection from cyber attackers and hackers.

To prevent medical identity thefts, hospitals can simply use a biometric patient identification platform such as RightPatient.

How can RightPatient prevent medical identity thefts?

RightPatient is a biometric patient identification platform that locks patients’ medical records. During registration, the patient just needs to provide their biological data such as iris patterns or facial photo, and the platform will use this data to lock their medical records. Next time when the patient arrives at the care continuum, all the patient needs to do is just look at the camera and the platform will accurately identify the individual and bring up their medical records.

This platform prevents fraudsters from illegally accessing medical records by encrypting sensitive information using the patient’s biological characteristics. A fraudster will not be able to simply walk in and use stolen PHI to receive medical services or benefits.

By using RightPatient leading hospitals will have improved patient experiences and healthcare quality and will also reduce the number of denied claims, from which hospitals lose millions of dollars each year.

It is forecasted that the Global Healthcare Biometrics market will reach a market value of $5.8 billion by 2025, at an expected CAGR (Compound Annual Growth Rate) of 19.3% (2017-2025). Implement RightPatient now and stay ahead of the curve.

New Podcast Addresses Importance of Single Sign-On (SSO) Tech in Healthcare

December 1, 2015/5075 views / 0 Comments/in BLOG, Podcasts, SSO /by John Trader

The proliferation of data breaches along with the rising pressure to more effectively safeguard protected health information (PHI) in healthcare is fueling growth in the adoption of single sign-on (SSO) solutions. Designed to relieve the burden of password management while providing a more convenient mechanism for users to access their computer or to the network, SSO solutions offer distinct advantages over traditional passwords including:

Providing an air-tight security mechanism to authenticate users gaining access to network resources
Reducing IT support costs associated with password management and help desk overhead
Minimizing the risk and cost of enterprise data theft from users inside the firewall
Supporting regulatory compliance (HIPAA, Sarbanes-Oxley, etc.) with improved security
Leveraging existing network infrastructure for faster deployment
Allowing users to quickly lock and unlock their computers with a single proximity card swipe or biometric scan

Our latest podcast with Ray Madril from Healthcast discusses the importance of adopting single sign-on (SSO) technology to increase patient safety and patient data security in healthcare.

To dig a little deeper into the importance and urgency of adopting SSO solutions in healthcare, we contacted Ray Madril of Healthcast and scheduled a podcast session to tap into his knowledge and covered the following topics:

An overview of the current health IT data security landscape and why establishing a secure single-sign-on credential is now considered mission-critical for the healthcare industry
The impact data breaches have on the healthcare industry and how a strong SSO solution prevents breaches and their damaging effects
How the implementation of an SSO solution impacts provider workflows and why is this important to patient safety
E-prescribing is changing healthcare by demonstrating that health IT has become a critical component for the efficient delivery of medicine and cost-effective patient treatments. What role does a secure SSO solution have to support efficient and secure EPCS?
The different form factors for SSO solutions and the impact of using biometrics such as a fingerprint with an SSO solution to ensure patient safety
How a successful SSO implementation increases patient safety

Healthcast is RightPatient’s exclusive SSO partner and we recently joined forces to help increase patient safety and provider stronger patient data access security.

Download a copy of the SSO in healthcare podcast and listen to it on the go! Have a friend or colleague that you feel would benefit from the podcast on adopting SSO for stronger data security in healthcare? Please forward them the link.

Have an idea for a podcast? Submit your entry to: jtrader@rightpatient.com along with a suggested guest for the topic.