Empowering Voters. Defending Democracy.

Be Aware of Medical Identity Theft

According to the Identity Theft Resource Center, 27 percent of data breaches in 2017 were medical or health related. This is unfortunate news on several fronts. Medical identity theft can be difficult to detect, be hard to correct and create potential health risks.

It’s growing: Medical identity theft is becoming more common. Medical providers’ security is often weak. For example, hospitals may allow a wide variety of employees – from doctors to techs and administrators – to access patients’ information. One dishonest employee can sell thousands of dollars’ worth of electronic health records. (Because medical records contain so much personal information, a medical record can sell for $100 on the dark web.)

It’s dangerous: Imagine the ramifications of a thief’s health records get mixed with yours. You could be given the wrong blood transfusion or a drug you’re highly allergic to. You could even be turned down by future insurers because of a serious illness or condition you never had. If an insurance company or the government pays the bills, unsuspecting victims may not notice that something is amiss. Getting records corrected can be complicated. Medical insurers may be reluctant to remove inaccurate information if an action was taken based on the information.

Although federal law limits fraudulent credit charges to $50, it doesn’t offer the same protection for medical identity theft. According to a survey by cybersecurity research firm, the Ponemon Institute, medical identity victims who lost money spent $13,500, on average, to resolve their problem.

What you can do to prevent it: Watch your Explanation of Benefits statements (EOBs) for incorrect information. Ask your health care provider for a copy of your current file and correct anything that’s wrong. Monitor your credit report for unpaid medical bills. Ask medical providers how they protect your information. Don’t provide your Social Security number unless absolutely required to do so. Never give out medical or personal information over the phone or by email – unless you started the communication and are sure with whom you are dealing. Be wary of offers for free health services or products. Shred outdated health insurance forms, statements and prescription labels.

(Source: Risk Strategies)

About the author

GDPR