There is a reason why cyber criminals prefer medical health information to many other types of data, including credit card and bank account data. Medical health patient information such as social security numbers, personal identities, and health histories don’t change. On the other hand, pass-codes can be quickly changed and credit accounts frozen when a breach is discovered. Banks will react fast. People are more likely to notice unexplained bank account withdrawals and credit charges than unexplained health insurance claims and charges to Medicare. This is because health record exploitation isn’t on their radar. In short, compared to medical records, bank data has a brief shelf life for felonious use.
Medical records also contain much more information that can be put to many uses. Phony passports and other ID cards can be fabricated and sold for profit. The personal health problems along with names and phone numbers of people can be sold to telemarketers who then attempt to sell related equipment and supplies to the victims. Medical records can contain enough information, including place of employment, for criminals to file fake tax returns. Valuable medical items can be charged by criminals to Medicare and to health insurance accounts and sold for profit.
With stolen medical health information being the digital gold that it is, it’s more important than ever to use an HIPAA compliant cloud service for hosting personal health information. HIPAA compliance is not only the smart thing to do, it’s the law. Noncompliance can result in being served with civil and criminal penalties and with fines up to a maximum of $1.5 million per year. Not only will a data breach harm your business, it can also harm your customers/patients. They can be victimized with identity theft, lose their health insurance, face higher health insurance premiums, and depending on how their information was abused, suffer many other difficulties.
WHOA.com offers HIPAA compliant cloud services and is ISO 27001-certified. To learn more about how we protect our client’s data, contact us.