Digital health records to increase identity theft?

President Obama has proposed sweeping reform of the nation’s healthcare system and said he believes all medical records should be computerized and standardized within five years. The President hopes this will result in increased quality of care, decreased costs, and creation of thousands of new jobs.

Todd Feinman, CEO of Identity Finder, cautions, however, that electronic medical records add higher risk of identity theft unless they are carefully protected. “The HIPAA Privacy rules have only been around for a couple of years; many healthcare providers are still unprepared to protect patients’ personally identifiable information (PII), which if stolen could lead to identity fraud.”

In 2006, the Health and Human Services issued final ruling regarding HIPAA enforcement and set civil money penalties for violating HIPAA rules. These regulatory requirements call for organizations to proactively protect patient health information, but still too often PHI ends up unprotected in a spreadsheet on a nurse’s computer.

“If healthcare providers have a security breach, not only would that be a violation of patients’ privacy, but also the associated costs would be dramatically higher than implementing some simple, preventive measures,” says Feinman. The upcoming changes by the Obama Administration could make organizations’ exposure of PHI even worse.