Why is PHI Valuable to Criminals?

PHI is valuable to criminals – valuable enough that cybercriminals devote significant time and resources to stealing it. But what precisely about PHI makes it worth money? PHI is not currency (like diamonds or gold) that the entire world recognizes and barters with, and it is not inherently valuable, like a coupon or a sale in which something is purchased at a discount that allows someone to save money. The issue of why is PHI valuable to criminals is discussed below. 

Why is PHI Valuable to Criminals? Shelf-Life, Extortion, and Fraud

Why is PHI Valuable to Criminals

One reason as to why is PHI valuable to criminals, is its extended “shelf-life.” A cybercriminal who steals a credit card or credit card number can quickly obtain cash. However, the credit limit of the card limits the amount of cash that can be stolen. In addition, once a card has been “maxed out,” the card issuer will either cancel the account altogether (if the theft is not reported), or issue the cardmember a new card (with a new account number) if the theft is reported. At this point, there is nothing left to steal.

PHI is valuable to criminals because there are a number of ways that health information can be used to illegally make a profit. These include, to name just a few:

Extortion (commonly referred to as blackmail). Extortion is the illegal threatening or intimidating of someone to get that person to do something. Here, a cybercriminal will demand an individual to pay money. If the individual doesn’t, the cybercriminal will expose private and potentially embarrassing medical information. Once a cyberthief is in possession of potentially embarrassing PHI, the cyberthief can literally wait years to extort someone over it. Extortionists frequently carry out ransomware attacks to obtain unauthorized access to PHI. They then demand that unless the victim pays a large sum of money, the PHI will be publicly revealed.

Let’s Simplify Compliance

Do you need help protecting your PHI? Compliancy Group can help!

Learn More!
HIPAA Seal of Compliance

Fraud.