Unlike stealing a driver's license or a credit card, data gleaned from personal health records provides a wealth of information that helps criminals commit multiple crimes, according to Javelin Strategy & Research, a Pleasanton, California-based market research firm.
Information such as social security numbers, addresses, medical insurance numbers, past illnesses, and sometimes credit card numbers, can help criminals commit several types of fraud. These may include: making payments from stolen credit card numbers and ordering and reselling medical equipment by using stolen medical insurance numbers.
A key finding from the report is that fraud resulting from exposure of health data has risen from 3% in 2008 to 7% in 2009, a 112% increase.
"There's more Identity fraud of any kind being generated from exposure to health records which [have] particularly sensitive information," said James Van Dyke, president of Javelin Strategy & Research.
Van Dyke's prediction is that as medical providers increase their use of electronic medical records, the incidents of fraud will increase.
"We think medical providers aren't up to the task. They won't have security best practices in place to match the incidents of fraud, and we think theft of personal health information is going to get worse," Van Dyke said.
The study also found that there's a big difference between the misuse of data obtained through medical records, compared to other types of identity theft. For example, on average, criminals use information from medical records to commit fraud for 320 days as opposed to 81 days of misuse of information from other types of identity theft.
Additionally, it takes more than twice the time to detect medical information fraud and the average cost is $12,100, more than twice the cost for other types of identify theft.