Lindsey BobingerIDS-4934October 1, 2016
[Type here] [Type here] [Type here]
Privacy- What medical information should be confidential? Who, if anybody, should have access to medical records?
The overuse of one’s medical information, the security breaches in the medical industry, and protections/precaution one should take.
· Purpose- To express how identity thief has grown throughout the medical field.
· Background- Talk about statistics, laws, and precaution one can take to help shield their identity.
· Significance- I want to express how important this issue is that we ourselves might have gone through this are we know someone that has.
· Research methodology and description – Use internet and book sources
Rough Draft ideas
That is just enough information to take someone’s identity for someone to make different accounts in that person particular name. How can we make this better? Sticker laws, tighter security on patient records portals.
Table of Contents
I. Title page
II. Abstract Page 1
III. Table of contents Page 2
IV. Introduction- HIPPA Law Page 3
VI. Statistics of medical breaches and Figure A Page 5
VII. Cyber Attacks- Attacks on Insulin Pumps Page 6
VIII. The common courtesy and rules of a breached Page 7
IX. Federal laws-precautions after a breach Page 8
X. Services one can use- example LastPass Page 9
XI. Penalties and jail time for hacking personal info Page 10
XII. Identity Laws and how can we make them better Page 11
XIII. Black Market and how much your information is worth Page 12
XIV. Page 13
XV. Page 14
XVI. Page 15
XVII. Annotated bibliography Page 16
Every American, from the beginning of life to its end, enjoys a fundamental, but not absolute, the right to privacy that is deeply rooted in both tradition and law. In no area is this right more cherished, or more unsettled, than in protecting the confidentiality of identifiable personal health information, as lawmakers, judges, and healthcare professionals struggle to balance individual privacy interests against other strong societal interests. “An estimated 17.6 million people, or about 7 percent of U.S. residents age 16 or older, were victims of at least one incident of identity theft in 2014, the Bureau of Justice Statistics (BJS).” (http://www.bjs.gov, 2016). The overuse of one’s medical information, the security breaches in the medical industry, and protections/precaution one should take.
The Hippocratic Oath, dating to the fourth or fifth century B.C., requires physicians to keep secret all knowledge of individual patient’s. Personal health information is maintained not only by physicians but also in the records and/or databases of hospitals and clinics that provide treatment or diagnostic services, laboratories that perform tests, pharmacies, and insurance companies and managed care organizations to which claims are submitted or coverage is made. In addition, personal health data frequently is shared with universities and pharmaceutical companies for medical and health-services research purposes.
What is a shame is now when a person go to a doctor’s office or the emergency room, and the person working the window is either asking for the patient’s social security number or wanting the patient to give out their social security so they can check what is on file. Ever noticed that there are not a room or a door one can close. Technology as grown over the years and while one is giving out their personal information to get medically treated, someone can record that person with their cell phone while the patient is verifying their social security number, date of birth, and address. Then that vindictive person has all the information they need to pretend to be you. Some people when they talk their voices are loud everyone can hear their whole conversation. some elderly people that do not wear hearing aids and they talk so loud that they receptionist is not thinking of their privacy.
Personally I would like to see the clerk or the patient write their social security number on a piece of paper like a post-it note. When the clerk is done he/she gives the post-it note back to the patient and the patient can dispose of it at their own risk. Just with all the bad things going on in the world today one does not know if the office clerk or program secretary is going to shred your information. Now one might have family working at the hospital or a clinic that one might go to and I would hate to know if a member of one’s family has access to your personal medical records . There are something a patient that one likes to keep private. Now medical facilities have made it where if the patient does not have a signed or scanned copy in your medical documentation of a medical release form. That legally they cannot send or give out that patient’s personal medical records to anyone. It just makes one wonder if the person behind the desk is actually going through your medical files to make sure the patient has a signed released from in one’s file.
The word breach sometimes just makes one’s skin crawl. When one hears of a breach in the medical field everyone assumes of the worst has happened. “Experts, estimates that data breaches cost the healthcare industry some $6.2 billion, as some 79% of healthcare organizations say they were hit with two or more data breaches in the past two years, and 45%, more than five breaches.” (Higgins, 2016). ” Most of those exposed fewer than 500 data records, and thus don’t get reported to the US Department of Health and Human Services nor are revealed to the media.” (Higgins, 2016). That is a huge number and how does one know if they are one of the not so lucky ones that information as breached?
Figure A (Kassner, 2016).
Breaches of confidentiality, in fact, are on widespread now from medical devices, medical records, and even to government medical clearances. In some instances, breaches occur within the parameters of present law: Pharmacies in some states legally sell individual prescription records to pharmaceutical companies for use in marketing campaigns. As one now knows that pharmaceuticals companies are now pushing for these prescription saver cards for medicines like Farxiga or Invokana. Now it great in a way because we are getting or prescription for no cost, but to just activate the card one has to put in their personal information to an extent. Once one has done that you have opened yourself to that particular company that makes your prescription drugs marketing companies.
“The cyber attack—in which hackers stole the names, birth dates, Social Security numbers, home addresses and other personal information of 78.8 million current and former members and employees—gave Anthem’s reputation a black eye early on. The company and the industry at large scrambled to do damage control. Consumers questioned whether Anthem and other healthcare organizations could manage the volumes of data they had.” (Herman, 2016). The worst part about this whoever hack this company if it was an individual person, another country like Russia or China, or even if it was another insurance company. This person/persons has access to all patients medical records from surgeries done in the past, to medications one is current taking, and one’s deductibles.
One new scare one should watch out for now is if you are a diabetic Johnson and Johnson is warning more than 100,000 medical patients who use certain insulin pumps they could be targeted by hackers. In a letter, the company said its Animas OneTouch Ping insulin pump has a bug causing a potential cybersecurity risk. Hackers could hijack the device and force it to deliver unauthorized, and possibly lethal, insulin doses. That is scary to think someone either in your community or across the world could be in control of your insulin levels.
Unlike your fingerprints, which are unique to you and cannot be given to someone else for their use, your personal data especially your Social Security number, your bank account or credit card number, your telephone calling card number, and other valuable identifying data can be used, if they fall into the wrong hands, to personally profit at your expense. “Individual identities, called ‘fullz’ on the black market, vary in price from $1 to about $450 (converted from bitcoin) and are valued based on factors like quality, robustness, reliability, and the seller’s reputation – not unlike EBay.” (Abrams,2016). That should just make one cringe it makes one think are we really safe is our information really safe at night or anytime. The Figure below shows just how easy it is for someone to buy ones information.
Figure B: (http://businessidtheft.org, 2016)
Payment & Banking Information Price
Credit card details From $2 – $90
Bank credentials From $80 to $700 with guaranteed balance
Bank transfers & check cashing From 10% to 40% of the total
PayPal credentials $10 & up with no guaranteed balance
Online store & payment platform credentials From $80 to $1500 with guaranteed balance
Physical (cloned) credit cards From $190 + cost of details
Services & Equipment to Commit Fraud Price
Card cloners From $200 to $1000
Fake ATM machines Up to $35,000
Design & publish fake online store or website Varies based on project scope
Once this is filed submit a copy of one’s police report to one of the credit bureaus the other two bureaus will receive the report as well and will make sure that any financial institution is aware as well. I would suggest that one should put a good contact number for a bank or Credit Company to call if they see someone is using your personal identity. This way when they call you can give verification and with your phone number it is an extra step for security. If you get anything in your mail about certain accounts you did not open and it is in your name call the company and demand the shut those accounts down. Tell them “I am a victim of an identity thief,” this way the company will working on closing all of the open accounts. Tell them that if they find that person put them in jail and punished to the maximum extent.
Another thing one should look into is a service called Lifelock. This service monitors all one’s financial activity as well as one’s person information such as social security number, date of birth, home address and mail address. Nowadays one cannot be too safe when it comes to anything. If a person that likes to submit one’s medical claims or look at one personal insurance statement, or have access to personal online medical records I would recommend LastPass. Is a freemium password management service which stores encrypted passwords in private accounts? LastPass is standard with a web interface but also includes plugins and apps for many modern web browsers and includes support for bookmark lets.
“Penalties for fraud offenses may include criminal penalties, civil penalties, or both. Most criminal fraud offenses are considered felony crimes and are punishable by jail, fines, probation, or all of the above. Civil penalties may include restitution (paying the person back) or payment of substantial fines (geared to punish the behavior).” (http://criminal.findlaw.com, 2016). The federal law relating to identity theft penalties was signed into action by President Bush in 2004, and it mandates federal prison time for anyone convicted of the crime. It also increases the maximum jail sentence from three years to five years, and increases penalties for phishing schemes, among other changes. There should be longer jail time for someone that steals another person identity. When one is born we come into this word all one has their name, and over time one works hard to build up their name and who they become in life. But have some horrible vindictive person take that way would infuriate someone. With the criminal just using the major information that they need they have everything to pretend to be someone else. Depending on how that person is they can ruin one’s life and rack up tons of fraudulent bills. Theft is one of the fastest growing crimes in the United States today. The Federal Trade Commission (FTC) estimates that as many as 9 million Americans have had their identities stolen each year. That is too many and will is enough going to be enough?
Personally, the criminal should have to pay the person/persons whose identity they stole. If for example, this individual took $10,000-$30,000 dollars. That criminal need to pay all that back to that individual if that mean that person need to sell things get personal loans or work several jobs well everything needs to be paid back. If not paid back in time that it was given then when it comes tax time that individual taxes if he/she gets anything back they have to pay for the person that had to suffer for their mistake. “Each state differs in how they handle an identity theft conviction, but at the very least, the criminal will be given a misdemeanor and forced to pay back any loss suffered by the victim, whether financial or in compensation of time, labor, etc. As the severity of the crime increases, so too do the state identity theft penalties, ranging from prison terms up to ten years to fines numbering in the thousands of dollars” (https://enlightenme.com, 2016). There are a lot of time and man hours that goes into one having their identity stolen. The paper work that is involved, ones time, make phones to certain companies to make sure your information is not being used, and the hurt the one goes thought and wondering why did this have to happen to them?
“There are two levels of punishment for identity theft: the state level and the federal level. The federal law relating to identity theft penalties was signed into action by President Bush in 2004, and it mandates federal prison time for anyone convicted of the crime. It also increases the maximum jail sentence from three years to five years, and increases penalties for phishing schemes, among other changes.” (https://enlightenme.com, 2016). When the criminal is convicted they need to have to have credit monitoring and have random inspections of their finances, and there certain investments. Anything that looks out of the ordinary then they needs to be brought in for questioning if found guilty again 10 years for terrorism related offenses should be the pending charges of the induvial. If that criminal does not learn their lesson they should serve life in prison afterwards. If one cannot learn after the first time they went to jail then they need to be where they monitored twenty-four-seven.
This is very serious crime and with technology we have now days is it will only get worse do to cyber-attacks and hacking in to records or insurance companies. To just give someone on their first offence to just put them on probation that does not seem fair. They need to jail time right off the bat, no normal person every thinks about hacking or taking someone identify, and if someone does that
Being charged with an identity theft crime is a very serious situation. Depending on their circumstances, being convicted of identity theft can lead to large fines and years or more in prison. Talking to a local criminal defense attorney as soon as one learn that they are being investigated for, or charged with, an identity theft crime is essential to protecting ones rights throughout the criminal justice process. An area lawyer who has experience with identity theft cases and who has represented clients in local courts is the only person capable of giving legal advice about ones case.
Victims of identity theft should be aware of the laws in their area so that they know what to expect when their case moves towards conviction. It is helpful to know what statutes are being used to measure the crime when anticipating what the outcome might be for you as the victim. Always report if you see something that is off or questionable. Ask yourself the following questions or if your receive something have it checked into:
· Get a bill for medical services they didn’t receive;
· Be contacted by a debt collector about medical debt they don’t owe;
· See medical collection notices on their credit report that they don’t recognize;
· Find erroneous listings of office visits or treatments on their explanation of benefits (EOB);
· Be told by their health plan that they’ve reached their limit on benefits; or
· Be denied insurance because their medical records show a condition they don’t have.
Bibliography Confidentiality of Medical Records: A Situation Analysis and AHIMA’s Position. (2016, September 29). Retrieved from http://bok.ahima.org: http://bok.ahima.org/doc?oid=60048#.V-1_AVQrJQI Herman, B. (2016, October 7). http://www.modernhealthcare.com. Retrieved from http://www.modernhealthcare.com: http://www.modernhealthcare.com/article/20160330/NEWS/160339997 Higgins, K. J. (2016, October 4). Healthcare Suffers Estimated $6.2 Billion In Data Breaches. Retrieved from http://www.darkreading.com: http://www.darkreading.com/threat-intelligence/healthcare-suffers-estimated-$62-billion-in-data-breaches/d/d-id/1325482 http://criminal.findlaw.com. (2016, October 7). Retrieved from http://criminal.findlaw.com: http://criminal.findlaw.com/criminal-charges/fraud.html http://criminal.findlaw.com/criminal-charges/identity-theft.html. (2016, October 2). Retrieved from http://criminal.findlaw.com/criminal-charges/identity-theft.html: http://criminal.findlaw.com/criminal-charges/identity-theft.html http://www.bjs.gov. (2016, October 2). Retrieved from http://www.bjs.gov: http://www.bjs.gov/content/pub/press/vit14pr.cfm Kassner, M. (2016, October 5). Cybersecurity professionals: The healthcare industry needs you. Retrieved from http://www.techrepublic.com: http://www.techrepublic.com/article/cybersecurity-professionals-the-healthcare-industry-needs-you/
Capstone Project | Lindsey Bobinger Page 2 of 11
Capstone Project | Lindsey Bobinger Page 11 of 16
Buy an essay in any subject you find difficult—we’ll have a specialist in it ready
Ask for help with your most urgent short tasks—we can complete them in 4 hours!
Get your paper revised for free if it doesn’t meet your instructions.
Contact us anytime if you need help with your essay
APA, MLA, Chicago—we can use any formatting style you need.
Get a paper that’s fully original and checked for plagiarism