The transition from paper to electronic records in the healthcare industry is both good and bad. It’s easier for all of our care providers to get our information, but it’s also easier for hackers to get that information when it’s stored on databases and can be accessed online or on mobile devices. The latest healthcare related company that is victim of a breach is Quest Diagnostics. This company performs lab tests and diagnostics for one in three adults in this country and half of the physicians and hospitals, according to its website.
On November 26, the company said an unauthorized third party accessed names, dates of birth, and lab results of 34,000 patients. Neither Social Security numbers nor financial information was included in the accessed data, which was retrieved through what the company said was an improperly secured mobile application. It was created and provided by a company called Care 360 and is called MyQuest. It is used to store and share patient health records electronically.
Quest is sending information via US Mail to those affected. If you receive a letter, it will be more important than usual for you to review the benefit statements you receive from your insurance providers. The information on those documents is what gets submitted to them about your healthcare. If anything is incorrect or unclear, contact them to get it clarified.
Healthcare fraud can be very lucrative for cyber criminals. Medical records are more valuable than credit card numbers because they contain a lot more information and information that isn’t easily changed and that doesn’t expire. Also, it may take victims longer to figure out they have been victims because of the timing of receiving the benefit statements.
The FBI has reported that criminals often sell healthcare records for as much as $50 each. The Ponemon Institute put that number at over $363 in a recent study. Compare that to the $1-5 for a credit card number and you can quickly see why it is an attractive target.