Doctoring Data: Why Cybercriminals Have Their Eye on Healthcare

Fun fact: your healthcare data is worth roughly 10 times as much as your credit card number. Well, to a cybercriminal at least. Why the value increase, you may ask? Insurance fraud—and a lot of it. Which translates to a lot of billing for fake treatments and stolen prescriptions. And before you write that off as someone else’s problem, remember the ramifications of stolen health data last longer and have a deeper effect than any other kind of stolen data.

So why does this kind of theft have such a powerful effect? First off, these transactions end up on your medical records, which could potentially result in a mistaken diagnosis, incorrect treatment, unnecessary delays—the list goes on. But the true value behind healthcare data not only lies behind the reaping of these tangible benefits, but in the data’s longevity.

Credit card companies can detect fraud and cancel a card in the blink of an eye. Healthcare data, however, connects policy numbers to employee numbers, which are difficult to change, leaving the control out of the hands of the insurer. Adding to this longevity is ambiguity. Is that an MRI for your arm, or fraud? Did you ask for this prescription, or did a cybercriminal? It’s impossible to know. Not to mention, it’s extremely difficult for providers to be able to determine fraud while still complying with HIPAA.

And though most healthcare attacks are against hospitals or insurance companies, that doesn’t mean that these attacks won’t directly impact you and your personal data. Additionally, that doesn’t mean that your personal devices won’t be targeted for compromise of this kind of healthcare data as well—as the increase in healthcare apps makes that data so readily available. And with the complications from this kind of breach seeming endless, it’s up to you to start taking preventative measures now, to protect yourself from this emerging type of identity theft.

For starters, here are a few tips and best practices to follow:

  • Maintain good password hygiene. There’s a password for everything these days, especially for accessing insurance information online. Therefore, don’t use the same passwords across online accounts, especially for apps that require self-identifying information, and make sure your logins complex. Additionally, you can use a password to make sure you can keep track of all of your unique credentials.
  • Regularly review activity. Similar to checking your credit card activity, routinely log in to your health insurance or benefit provider’s website and review recent activity. Make yourself aware of all activities listed, check the prescriptions and treatments ordered, and immediately flag anything that is suspicious or incorrect.
  • Look into a monitoring service. A monitoring service won’t, unfortunately, prevent your identify from being stolen or protect you from fraud, but they can provide early warning if its set to happen. Typical services scan for usage of personal info and mentions of your document numbers in criminal marketplaces, then alert you of anything that comes up.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

gary

Leave a Comment

sixteen − fifteen =