PHI is worth up to 20x more than credit card data

Jan 26, 2017 | Security-GRC | 0 comments

These days cyber security is all over the news, but sometimes it’s hard to imagine how these criminals obtain your personal information or why they even want it. It’s easy to think about the benefit a criminal can gain from obtaining your credit card number. They can go on a shopping spree and you’ll have to foot the bill.

But why is your protected health information so coveted?

There’s more value attached to healthcare-related data than other types of personal information. Think about it: Some criminal decides to take your credit card information, you can close it in a matter of seconds. But with your social security number, criminals can pull off stealing your identity that may go undetected for months.

Then there’s prescription fraud which is an easier way for the bad guys to access high-priced drugs. If your PHI creates access to valuable drugs, it just got way more valuable than your credit card.

According to the Information Security Media Group, the price on the market for a stolen credit card number ranges from $0.50 to $5 compared to the price on the market for stolen health credentials which ranges from $10 to $50. If your information does get breached you could be among the 65% of medical identity theft victims who paid an average of $13,500 to resolve the crime (Payments made to healthcare providers, identity service providers or legal counsel).

With the increase in breaches, there are new legal requirements that drive healthcare providers to increase their security. More and more companies are becoming increasingly aware of cyber security risks.

Some basic steps you can take to protect you and your company include:

View/Add comments

Related Posts

Navigate the blog

Data Centricity

ASMGi discovered long ago that the importance of data transcends trends, hype or new approaches. That holds true in security, software development, IT Services, Sales and Marketing Solutions and certainly in the Cloud. Our blog may touch each of our practice areas, but in the end, it's always about the data.