We talk about a lot of healthcare topics regularly on our blog but the most common one is healthcare data breaches. That’s because hackers are targeting healthcare providers every day to steal patient information – leading to much too frequent data breaches. Unfortunately, today is no different as we take a look at some recent data breaches and how some of the hospitals are responding. However, the consequences of most data breaches, medical ID theft, CAN be mitigated with accurate patient identification, ensuring safety in healthcare facilities – more on that later.
Healthcare data breaches update
Over 3 million patients’ information was exposed this August
It’s frightening how both the number of data breaches and patients at risk from them keep on increasing. Just last month, over 3.3 million patients’ confidential and sensitive information was exposed due to data breaches at hospitals and health systems, as per HHS’ breach portal.
Out of them, St. Joseph’s/Candler Health System identified around 1.4 million patients’ information at risk, University Medical Center of Southern Nevada saw 1.3 million, and over 637,000 patients’ information was compromised at UNM Health.
Over 600,000 patients’ information exposed
DuPage Medical Group identified unauthorized activity on its computer network – resulting in shutting down access to it. However, around 600,000 patients’ information was put at risk due to unauthorized activity. Information such as names, dates of birth, addresses, Social Security numbers, and diagnosis codes was exposed. As is standard with healthcare providers, the group is providing complimentary services to the affected patients.
More than 171,000 patients at risk of being medical ID theft victims
Metro Infectious Disease Consultants, a physician group of over 100 physicians, identified that over 171,000 patients’ data was exposed due to hacker(s) breaching employee email accounts. After a thorough investigation, the physician group came up with the aforementioned number, secured the employee email accounts, and saw that names, date of birth, Social Security numbers, and medical information was exposed. It also announced that the affected patients will be offered complimentary services.
Around 12,000 patients’ information exposed due to a phishing attack
One of the most common methods used by hackers is phishing, and that’s how one of them hacked Revere Health and got access to around 12,000 patients’ information. To prevent it from happening further, Revere Health is sending “phishing” emails to test their employees and provide the ones who click on it with training – quite an innovative approach.
Medical ID theft is the common consequence of data breaches
Hackers can sell stolen patient information for up to $1000 in the black market, which is why it’s so lucrative for them and the reason for so many healthcare data breaches we read about every day.
Fraudsters buy these stolen patient records from the hackers and then get healthcare services using the victims’ information, but there’s more to it.
Since the fraudsters are being “treated” using the medical records of the victims, the EHRs contain someone else’s information, rendering them corrupt, dangerous, and unusable. If these corrupt records are not prevented or detected immediately, then the actual patient will be receiving the wrong medical care – making it extremely dangerous for them. Moreover, the patients will be receiving bills for healthcare services they never got.
Healthcare providers, on the other hand, might get hit with lawsuits, not receive the payment, and face patient safety incidents.
While data breaches seem inevitable, the most common consequence (medical ID theft) can be mitigated with RightPatient – improving patient safety in the process.
RightPatient prevents medical ID theft in real-time
One of the biggest reasons why fraudsters get away with committing medical identity theft is because most hospitals and health systems cannot ensure accurate patient identification. Fortunately, RightPatient is a touchless patient ID platform that has a vast amount of experience identifying patients accurately and can prevent medical identity theft in real-time.
During the registration process, patients only need to look at the camera – RightPatient attaches a photo of the patient with their EHR. When the fraudster arrives to access services, they’ll need to go through the same process, and since they are not the actual patient of the hospital, their EHR will not be verified. The platform will alert the registration team that the fraudster actually isn’t the patient – preventing medical identity theft in real-time.
RightPatient has been successfully preventing medical identity theft, protecting millions of patient records across different hospitals, and ensuring patient safety for years. If you want to do the same at your healthcare facility, contact us now to learn more about how we can help you.