Identity theft isn’t all that new anymore. There is a whole generation of kids who’ve never know what it’s like to not have to worry about their personal information being compromised.
But usually, when we think of where identity theft originates, we think some credit card transaction. Home Depot and Target are some of the first to come to mind. There was a point where I was glad when a credit card breach occurred because my credit monitoring that was paid for by the last breached company was about to run out. That’s a nice aspect of credit care breaches, the company will often do what they can to mitigate the consumer risk, and if your credit card is compromised the bank often doesn’t hold you responsible, or it’s a negligible amount.
This is not so much the case with healthcare data breaches, where there is no automatic right to cover your loss. In fact, this article says that half of the people affected by a healthcare breach had found out about it themselves, through credit card statements, or looking at their EOB. Furthermore, only 12% of the people breached notified their healthcare organization responsible for the data.
That means many healthcare data stewards are likely unaware that a breached happened, and it could go on to affect many more people. This could hold you responsible for hundreds or perhaps thousands of dollars. If you find this has happened to you, treat it differently than a credit card breach as the burden is on you.
And please notify your healthcare providers so that others don’t fall victims as well. We are counting on you!