If the rumor is true about Bluebell Ice Cream’s “e-claim-only” dental benefit plan that is to go into effect in March, how many in the east-central Texas town of Brenham (pop. 16,000) will be properly warned about the danger to themselves, their families and Bluebell officials’ reputations because of reckless policy?
Each time their dentists send an electronic dental claim (e-claim) over the internet to insurance employees in Chicago as a favor to a patient – and especially the insurer – the Bluebell employee’s digital medical identity which is worth fifty bucks on the black market, rides along to destinations unknown. It’s my guess that very few Bluebell employees are yet aware of the increasing risk of medical identity theft from dentists’ e-claims – much less given the opportunity to opt out of the risk by simply visiting a dentist who still uses the telephone, fax and US Mail.
It certainly won’t improve my popularity with 9 out of 10 dentists for saying this, but risks of identity theft from HIPAA-covered dental offices are climbing daily. In the introduction to a recent interview with Larry Ponemon, chairman and founder of the Ponemon Institute, GovernmentIT.com editor Tom Sullivan ominously described the ever-increasing risk of a massive “data spill” of perhaps millions of patients’ protected health information (PHI):
“The street value of health information is 50 times greater than that of other data types. Even worse, the healthcare industry is among the weakest at protecting such information. With organized criminals trying to steal medical IDs, sloppy mistakes becoming more commonplace, mobile devices serving as single sign-on gateways to records and even bioterrorism now a factor, healthcare is ripe for some a wake-up call – one that just might come in the form a damaging ‘data spill.’” (See: “Q&A: How a health ‘data spill’ could be more damaging than what BP did to the Gulf,” December 05, 2011, by Tom Sullivan, Editor)
According to Dr. Ponemon: “The basic issue, when you think about data theft not data loss – because it’s hard to know whether that lost data ultimately ends up in the hands of the cybercriminal and all of these bad things occur – but in the case of identity theft, the end goal has been historically to steal a person’s identity, and just like getting a financial record, getting a health record probably has your credit card, debit card, and payment information contained in that record.” But that’s not all. Credit cards are just chump change.
He continues: “The financial records are actually lucrative for the bad guy, but the health record is actually much, much more valuable item because it not only gives you the financial information but it also contains the health credential, and it’s very hard to detect a medical identity theft. What we’ve found in our studies is that medical identity theft is likely to be on the rise and, of course, there’s an awareness within the healthcare organizations that participate in our study that they’re starting to see this as more of a medical identity theft crime. It’s not just about stealing credit cards and buying goodies, it’s about stealing who you are, possibly getting medical treatment and, therefore, messing up your medical record.”
Dr. Ponemon suggests that the victim may not know about the theft until he or she “stumbles on something that alerts them their medical identity was stolen.” Perhaps something like death following anaphylactic shock from a medication that was once digitally highlighted as “Allergic to.” Understandably, Ponemon adds that respondents recognized altered medical histories as an emerging threat they believed was affecting the patients in their organizations. Such danger for dental patients is almost non-existent if their dentists simply don’t put PHI on office computers.
Should a data breach of Bluebell Ice Cream employees’ identities occur in Brenham or Chicago, which is more likely than not, the fact that electronic dental records do nothing to improve the quality of dental care won’t make Brenham citizens any happier with local Bluebell officials.
D. Kellus Pruitt DDS