Data Breaches Can Lead To Medical Complications | Health Blog

Date: 12/15/2012    Written by: Hiyaguha Cohen

Data Breaches Plague Hospitals

medical complications

We've certainly harped enough in this blog on the problems hospitals breed: infections that spread from patient to patient, the high cost of getting treatment, and the mixed-up medications and medical complications and mistakes that cause permanent injury and even death. As if that isn't enough to make you want to consign yourself to cryogenics rather than check in for a procedure, now there's one more problem to add to the mix, and this time it doesn't have to do with medicine at all.

A study just completed by Ponemon Institute in Michigan found that an astounding 92 percent of all hospitals reported data breeches within the past two years.1 In other words, patient records were stolen or somehow compromised. Such data breaches have affected over 19 million patients and cost the US healthcare industry over $7 billion annually. You may think the consequences of this do not concern you. Maybe you figure: who cares if word gets out that you had a hangnail removed? But you should be concerned. That's because theft of your records gives the thieves access not only to your health information, but also your financial information, and could even make you vulnerable to insurance fraud schemes. In other words, any person who accesses your records can submit false claims in your name in order to receive cash back. Your premiums can go up as a result, and then, if the claims get proven false, you can be held liable for reimbursement or even for fraud.

According to Rick Kam, the president of ID Experts, a data privacy consulting company, "There's more financial damage that can be created from your health insurance information than a credit card number."2

News like that is enough to raise your blood pressure, but chances are good that you won't get the news, even if your records do fall into malevolent hands. The Ponemon report found that only 25 percent of victims were aware of having received notification that there was a data breach.3 The law in 47 states does indeed require hospitals to notify those whose records were compromised, but only if more than 500 people were affected. And even when notification is required, there are big holes in implementation.

Even beyond the financial and legal harm that a medical data breach might cause, there are potential medical complications. Anyone who steals your records might use your insurance information to get treatment for himself or to submit false claims, and that information gets incorporated into your chart. When the physician next consults your chart, any number of disasters can ensue--you may receive the wrong medication or even get treated for the wrong condition. This gives you yet another reason to do research on the medication you are given and the treatment protocol recommended for you. In fact, according to the report, 39 percent of all hospitals reported that theft of records had led to inaccuracies in patient records, and 26 percent said that patient treatment had been compromised as a result.

Equally alarming is the fact that the rate of theft of medical records has gone up by 32 percent in the past year alone. Most of the breaches (79 percent) are perpetrated by hospital employees. Forty percent involve paper records. The rest of the breaches are related to electronic devices, and the experts say that the more hospitals rely on these devices, the faster the rate of compromise grows. Not only can electronic devices be hacked, but they also can be stolen if they're small enough. Increasing numbers of doctors have been entering medical data into their iPads or whatever portable record-keeping system appeals to them, and these machines are easy to rip off. It's even easier to steal a flash-drive, or to lose it. Plus, hackers have a field day when data gets stored in a cloud. The experts say the sharp rise in theft of medical records directly reflects the push among physicians to convert paper records to electronic form.

Experts advise that you should carefully review insurance claim reports the way you review credit card statements. They also caution that you should be careful to hold onto your insurance card. Better yet, as we so often caution, take care of your health so you can avoid the hospital. Creepy as the possibility of having your medical records stolen is, there are far scarier things that can go wrong should you be admitted to the hospital.


Did you enjoy this information?  Get this type of information and more delivered right to your mailbox by subscribing to our free daily health alerts at!

  • 1. "Ninety-Four Percent of Hospitals Suffer Data Breaches." 7 December 2012. Michigan Radio. 7 December 2012.
  • 2. Karas, Tania. "A Risky RX for Your Digital Records." 19 June 2012. Smart Money Magazine. 7 December 2012.
  • 3. "2012 Study on Data Breach Notification." June 2012. Ponemon Institute. 7 December 2012.

Click for Related Articles