Tuesday, March 10, 2015 New Report Claims 20% Jump in Health Care Records Theft in 2014 Medical identity theft increased by 21% between 2013 and 2014, adding an estimated 500,000 Americans to the 2 million who have been victimized over the past 5 years, according to a new report from a research firm specializing in privacy management. And if that weren't bad enough, findings by the Ponemon Institute, which completed its study in November 2014, do not include statistics from the recently announced massive records breach of Anthem customers, which could affect as many as 80 million Americans. In its fifth annual study of medical identity theft (.pdf), Ponemon analyzed surveys from 1,005 respondents across the United States who had experienced theft. The survey asked not just about the costs and circumstances around instances of theft 2013–2104, but about respondents' attitudes toward their health care providers' security practices. Among the findings: Approximately 65% of victims had to pay an average of $13,500 to resolve the crime. Most respondents—68%--reported that they are "not confident" that the measures taken by their health care provider will keep them safe; 63% reported that their health care provider has not informed them about the measures they're taking to protect medical records. Only 17% of respondents routinely check their medical records for accuracy. A combined 79% of respondents reported that it was "important" or "very important" that providers ensure the privacy of health records. One quarter of theft victims permitted a family member or someone they know to use the respondent's personal identification to obtain medical treatment; nearly all of these (91%) did so because the other person did not have insurance. Among respondents whose medical identity was stolen, the most frequent use of the stolen identity was to obtain health care services or treatments (59%), to obtain prescription drugs (56%), or to obtain government benefits including Medicare and Medicaid (52%). While Ponemon acknowledges that medical identify theft can't be prevented completely, the report does recommend that health care and insurance providers "help consumers gain more control over their medical records" by making electronic health records more accessible to consumers. Given the large percentage of respondents who knowingly shared their medical identity records with others, the firm also asserts that "providers … have a responsibility to inform individuals of the negative consequences of sharing medical credentials with others."