Survey: Breaches, ID Theft Increase

A vendor survey of more than 200 hospital executives finds instances of health information data breaches and medical identity theft continue to increase despite new federal regulations like the breach notification rule and the Red Flag rules.

Identity Force, a Framingham, Mass.-based vendor of identity theft prevention services, conducted the survey between March 30 and April 13 among members of the American Hospital Association. The company received e-mail outreach assistance from the AHA, which previously endorsed its services. Survey findings include:

* Some 41.5 percent of responding hospitals have 10 or more data breaches annually, up 121 percent from a similar survey done in 2009. Twenty percent of respondents have at least 20 breaches annually.

* Fifty-six percent of respondents believe the health reform law either will not change or will increase instances of medical identity theft. Yet, 71 percent of the hospitals, on average, investigate fewer than 50 possible cases of misuse of identity each year and 34 percent don't keep good patient ID records.

* Only 15.7 percent of respondents believe they are in good compliance with security provisions of the HITECH Act; 48 percent don't know if their vendors and business associates are in compliance.

The full report is available at

--Joseph Goedert


For reprint and licensing requests for this article, click here.