Many people believe that identity theft relates comes from the theft of credit card numbers or other credit data.  You may be surprised to learn that identity thieves actually prefer access to medical records.  Recently, the computer network of Community Health System Inc. was hacked, resulting in the theft of more than four million patients’ personal information.  Cyber crimes are up substantially.  This means that any personal information that is available online can become the target of intelligent, internet-savvy hackers.

According to security experts, the U.S. healthcare industry has now become the prime target of many cyber criminals.  Unfortunately, many companies have websites and patient portals that are “protected” by outdated security features and are outdated.  Identity thieves have found that by obtaining personal information of patients, they can sell large batches of such private information for big profits.

In 2008, approximately 20% of healthcare organizations experienced cyber attacks; in 2017 approximately 45% of ransomware attacks targeted healthcare organizations.  Healthcare providers are slowly shifting to electronic medical records, which may be a reason for the sharp increase in medical record theft attempts from 2009 to 2017.  This means that the number of healthcare organizations who have been hacked over a four-year time period has more than doubled.  Hackers attack healthcare organizations more than financial institutions (12%) or professional service businesses (12%).  This has now become an area of major concern.   

The issue of cyber attacks to obtain patients’ medical data is much worse than may be imagined.  According to a recent article in the Insurance Journal, one healthcare facility in Salt Lake City experiences thousands of attempts at penetrating its network every week.  Vice President Jeff Horne of Accuvant, a cyber security firm, stated in that article that hospitals and healthcare providers often have networks that are easier for cyber thieves to break in to because of outdated versions of Windows or other older operating systems used by these providers. The result of medical record cyber-theft has resulted in those records being used to defraud Medicare of more than $6 billion dollars over the past two (2) years. 

Hospitals and healthcare providers who collect and store patient medical information have a duty to make sure their security systems are up-to-date.  HIPAA laws protect the sensitive information and data contained in medical records. Healthcare providers are supposed to take every step necessary to protect their patients’ valuable and vulnerable medical records.

As personal injury attorneys in Kansas City, we recognize that sensitive and private information are contained in health care records.  When we represent injury victims, we are charged with collecting and securing medical records for our clients.  Medical records of women may be especially sensitive due to the complex nature of medical issues that are discussed with doctors and other medical providers. 

If you are injured, choose an attorney who understands the sensitive nature of medical information and who works to safeguard clients’ sensitive information.    At Griggs Injury Law, we understand and will fight to keep your medical information protected.