Experian Data Breach Resolution joins Medical Identity Fraud Alliance

As Experian continues to serve a high volume of healthcare clients, it supports industry dialogue on topic of identity theft and fraud

Costa Mesa, Calif., June 9, 2014 — Experian Data Breach Resolution, a leader in helping businesses plan for and mitigate consumer risk following data breach incidents, has joined the Medical Identity Fraud Alliance (MIFA) as a Founding Member and the group’s Vice President, Michael Bruemmer, will serve on the MIFA Steering Committee. MIFA is the first cooperative public/private-sector effort created specifically to develop solutions and best practices for the prevention, detection and remediation of medical identity fraud.

Experian Data Breach Resolution is well-suited to provide its expertise to MIFA having serviced nearly 1,000 healthcare client breaches last year alone and the largest Health Insurance Portability and Accountability Act (HIPAA) breach in 2013. To keep the topic of medical identity fraud at the forefront, Experian Data Breach Resolution commissioned a study, Risks & Rewards of Online & Mobile Health Services: Consumer Attitudes Explored, on consumer sentiment toward the safety of using online health services. The findings showed that the risk of exposing personally identifiable information (PII) and protected health information (PHI) has many consumers reluctant to fully utilize and access the online health services and resources (eHealth) available.

“Medical identity theft is a serious issue, and we are pleased that Experian Data Breach Resolution has joined our organization and sponsored the Ponemon Institute report,” said Ann Patterson, senior vice president, Medical Identity Fraud Alliance. “The findings show that fear may keep people from utilizing online resources and tools that can possibly help them. Healthcare providers and online resources that collect personal information must do their utmost to secure consumers’ data and communicate to users about their security practices to develop trusting relationships.”

The study, conducted by the Ponemon Institute, surveyed nearly 1,000 consumers who are regular Internet and mobile app users. While these users conducted activities online such as emailing, shopping and research, 52 percent do not use the many eHealth resources available due to concerns for the security and privacy of their personal information. These resources could include browsing health-related sites, accessing and reviewing medical records, communicating with doctors and making payments to healthcare providers.

“Clearly, there is a hot button when it comes to the security and privacy of personal medical and health-related information,” said Michael Bruemmer, vice president of Experian Data Breach Resolution. “While the exposure or theft of financial data such as a credit card number can be detrimental to your wallet, there is something more sensitive about medical information getting into the wrong hands.”

The study’s key findings include:

Data breaches affect consumer loyalty
Trust is indeed an issue, as 61 percent of respondents would likely stop using their favorite mobile health app and 58 percent would likely stop using their favorite online resource if a data breach occurred. Thus, data security is likely critical to engagement and retention of users. In fact, nearly 69 percent of those surveyed chose security as more important than the privacy of their information (selling or sharing data with third parties) and anonymity (ability to be completely anonymous when using the online service or resource).

No clear consensus on accountability
There is uncertainty as to who should be responsible for protecting the privacy and security of eHealth users. Nearly 50 percent of respondents believe there should be more government regulations to protect privacy rights. However, only 33 percent selected the government as the most responsible for protecting privacy and data security, choosing the online or mobile app provider as most accountable (36 percent). Nearly a quarter of respondents put the responsibility on themselves (user) to protect their personal information.

Majority worried about medical identity theft
More than 55 percent of respondents are concerned about being a victim of medical identity theft. In fact, 58 percent selected accessing medical records as the online activity that put privacy and security at greatest risk above making online purchases and using social networks, among other activities. Some of the reasons that cause concern include errors in medical records that may affect future treatment and paying for services not received due to another person utilizing insurance credentials for care or prescription drugs.

To access the report, visit http://bit.ly/ExperianMobileHealthStudy.

Additional data breach resources, including Webinars, white papers and videos, can be found at http://www.experian.com/databreach.

Read the Experian Data Breach Resolution blog at http://www.experian.com/dbblog.

Joel Rushing
1 206 268 2251

Sandra A. Bernardo, APR
Experian Data Breach Resolution
1 949 567 3676

About Experian Data Breach Resolution
Experian Data Breach Resolution, powered by the nation’s largest credit bureau, is a leader in helping businesses plan for and mitigate consumer risk following data breach incidents. With more than a decade of experience, Experian Data Breach Resolution has successfully serviced some of the largest and highest-profile breaches in history. The group offers swift and effective incident management, notification, call center support and reporting services while serving millions of affected consumers with proven credit and identity protection products. In 2013, Experian Data Breach Resolution received the Customer Service Team of the Year award from the American Business Awards. Experian Data Breach Resolution is active with the International Association of Privacy Professionals, the Health Care Compliance Association, the American Health Lawyers Association, the Ponemon Institute RIM Council and InfraGuard and is a founding member of the Medical Identity Fraud Alliance. For more information, visit www.experian.com/databreach and follow us on Twitter @Experian_DBR.

About Experian
Experian is the leading global information services company, providing data and analytical tools to clients around the world. The Group helps businesses to manage credit risk, prevent fraud, target marketing offers and automate decision making. Experian also helps individuals to check their credit report and credit score, and protect against identity theft.

Experian plc is listed on the London Stock Exchange (EXPN) and is a constituent of the FTSE 100 index. Total revenue for the year ended 31 March 2014 was US$4.8 billion. Experian employs approximately 16,000 people in 39 countries and has its corporate headquarters in Dublin, Ireland, with operational headquarters in Nottingham, UK; California, US; and São Paulo, Brazil.

For more information, visit http://www.experianplc.com.

Experian and the Experian marks used herein are service marks or registered trademarks of Experian Information Solutions, Inc. Other product and company names mentioned herein are the property of their respective owners.

#  #  #