More and more, personal medical information is online. For most hospitals, doctors’ offices, and insurance companies, the Health Insurance Portability and Accountability Act (HIPAA) governs the privacy and security of health records. HIPPA regulations now define mandatory protocols to be followed by covered entities in the event of a breach of Protected Health Information. Protection of medical information is a challenge of expanding proportions. The consequence of a breach can be serious, encompassing both financial and personal health considerations.
Additionally, many web-based businesses collect people’s health information are not covered by HIPAA. These include online services people use to keep track of their health information and online applications that interact with those services. The Federal Trade Commission has issued the Health Breach Notification Rule to require certain businesses not covered by HIPAA to notify their customers and others if there’s a breach of unsecured, individually identifiable electronic health information.
Although identity theft is usually associated with financial transactions, it also happens in the context of medical care. According to the Federal Trade Commission, medical identity theft occurs when someone uses another person’s name or insurance information to get medical treatment, prescription drugs or surgery. It also happens when dishonest people working in a medical setting use another person’s information to submit false bills to insurance companies. Medical identity theft is a concern for patients, health care providers, and health plans. Health care providers and insurers are asking how they can minimize the risk and help their patients if they’re victimized.PROCEED TO COURSE CURRICULUM