Friday, October 06, 2006

Manager Commits SSN Identity Theft Against His Own 200,000 Patients

Manager-Commits-SSN-Identity-Theft-Against-His-Own-200000-Patients audio post - click to play

According to a November 2005 survey, 67 percent of
Americans are concerned about the privacy of their
personal health information and are mostly unaware
of their rights.


With good reason, take for example a former manager of
a California medical group who was arrested earlier this
year after stealing a DVD containing confidential data of
200,000 patients.

That identity thief was not some common street criminal
doing dumpster diving, but rather a trusted branch
manager
for a medical services company servicing
hundreds of doctors
.

As part of the patient data on the stolen DVD, later recovered
by the FBI, it included:

  • Patient Names
  • Addresses
  • Phone Numbers
  • Dates of Birth
  • Social Security Numbers (ssn)
  • Medical Diagnoses
  • Medical Procedures performed
However, as in court documents obtained, we learned this
"inside man" was later revealed to have been associated
with a number of other thefts revealing a pattern of larceny
we've concluded medical data is a prime target for
criminals
.

This manager of the California medical services company, for
example, was also implicated in 6 other burgularies
involving 3 different locations of his employer.


This "inside man" was implicated, according to the court documents,
as all of the burgularies involved someone with company
security
knowledge such as:

  • Where within locked offices was a computer database containing credit card and payment authorization information for donors?
  • Which desk contained keys needed to unlock the cabinet containing computer disks?
  • How was the alarm system deactivated during 2 of the thefts?

This identity thief, working as the "inside man", was eventually
caught and much of the stolen equipment and data was recovered.

But, there's no limit to the amount of damage which could have
been done had it been proven this identity thief uploaded all
of that patient data to the various online forums he
hawked his stolen goods with.

Other medical identity thieves, who evidently were never caught,
have had an even larger impact. For example, how about the 1.4
million California's recieving in-home care whose social security
numbers and dates of birth (dob) were exposed when a Cal-Berkeley
researcher's computer was accessed by a hacker.

Or, how about the 145,000 UCLA blood donor's whose names,
dates of birth, and social security numbers (ssn) were on
a laptop stolen.

As in all of these cases and many more, their common repeating
theme is one of targeted identity theft by reckless criminals
operating from "insider's" knowledge or even access to highly
confidential medical and identity information.

So, our tip for today is to arm yourself against the organizations
which may still have more careful medical identity thieves quietly
stealing your data and selling it to the highest bidder.

You have the right to protect your personal information.


Get yourself enrolled in quality credit monitoring. Make sure
you check out your medical information profile and
request your personal information from medical providers so
that you have a personal backup file just in case it's ever stolen
by an identity thief and you need to prove the accuracy of your
data.

5 Comments:

At 8:34 AM, Anonymous citizenjane said...

This brings to light a whole new meaning to "bad boss".

I sure hope this manager was made to pay for his crimes against all those innocent people.

I, for one, sure get your point made today...get your own protection or suffer the consequences of an identity thief's ravages against your information.

Keep 'em coming and great work.

 
At 7:32 PM, Anonymous jp said...

"Inside Man"?

Isn't that a recent movie featuring Clive Owen?

Well, someone surely must make a new movie featuring this medical identity thief's exploits.

After listening to your podcast I was compelled to come to your website read the article.

Thanks for all of the tips of the day to prevent identity theft.

 
At 6:21 AM, Blogger agent99 said...

See what others are are saying about the "inside" man and medical identity theft.

Get Free updates to the latest comments on this medical identity theft article

"For a snippet of the court documents"

"For more identity theft photos"

 
At 2:57 PM, Anonymous Anonymous said...

Why didn't they just install some surveillance cameras or take more effective counter theft protection?

 
At 12:04 PM, Blogger agent99 said...

Perhaps, like many companies, counter surveillance of employees presents legal challenges - especially without consent authorization notices signed by the employees in advance.

However, committed identity thieves are adept at finding the "soft" targets where they may apply their illicit skills.

Ultimately, the most effective deterrent would be of prevention by hiring practices and/or instituting management policies that give rise to the criminal incentive and the means by which identity theft holds a greater economic reward than merely earning an honest wage.

 

Post a Comment

Links to this post:

Create a Link

<< Home