Electronic medical records, also known as EMRs, are helpful in a lot of ways. They help doctors diagnose patients who have been to several specialists, they help prevent drug interactions, and they make it so people don’t have to cart around stacks of paper files.
One way in which they are not helpful though is in the area of security. According to Javelin Research, medical information fraud, which includes identity theft, increased 4% between 2008 and 2009, which a lot of this due to EMRs. And, what is even more troubling is that thieves with medical information, as opposed to, for example, driver’s license information, tend to hang on to the information for longer. Perhaps this is because they are less likely to get caught.
Javelin’s research concluded that thieves tend to use stolen medical information – such as insurance information, credit cards on file in medical records and names and birth dates – for about 320 days, which compares to the 81 days on average they use information for other types. It also costs about 50% more and takes 50% longer for victims to recover from the fraud, on average. This may be due to the sheer bulk of information that can be contained in those records.
James Van Dyke, the president of Javelin Research, told Information Week Magazine that this problem will get worse before it gets better. Said Van Dyke, “We think medical providers aren’t up to the task. They won’t have security best practices in place to match the incidents of fraud.â€
So what is a patient – which is basically everyone at one point or another – to do? One bit of advice is to register for an identity theft protection plan. While being a member of such a plan may not prevent a thief from gaining access to your medical information, it can help to prevent him or her from using your insurance number or the credit card number stored in your records for illegal purposes such as identity theft.
A lot of times, your plan will be able to notify you if the thief tries to sell or trade your information online, tries to open a new account in your name or tries to change the address on your account. Once you learn this information, you can often put a stop to the fraudulent activity before it progresses to something worse and more damaging to you, either in the short run or the long run. Hopefully, this can close that 300+ day window entirely.