August 1, 2014

Share Everywhere

Don’t Come Down With Medical Identity Theft

A few years back I worked for a national healthcare organization that was the first to introduce a paperless system of medical records. I remember my worst fear at time, as I watched the touch screens being installed in patient rooms — how easily medical records could be lost or erased. Those were the days when all you had to do was look at a computer the wrong way to cause it to crash. That medical records could fall into the wrong hands, resulting in medical identity theft never occurred to me. Fast forward 20 years and medical records have become an exploitable commodity.

Even when healthcare organizations take precautionary steps to protect personal information, breaches still occur. Like the recent data breach at the University of Pittsburgh Medical Center that resulted in the personally identifiable information (PII) of 1,300 current and former patients and 322 employees, including names, dates of birth, contact information, insurance information, medical treatment and diagnosis information, and Social Security numbers. Medical identity theft isn’t always perpetrated by outside hackers, employees are often to blame.

What Does Medical Identity Theft Look Like?

Medical identity theft comes in many different forms. Identity thieves may use an unsuspecting victim’s medical records to secure prescriptions, medical products and services, or to file fraudulent claims to third-party payers, such as medical insurers and government insurers Medicare and Medicaid. Unlike other forms of identity theft that result in a bruised credit file and bad headache, medical identity theft is a dangerous crime that could threaten not only your financial health, but your life. Imagine going to the emergency room to learn that your medical insurance has been maxed out or being misdiagnosed or mistreated due to inaccuracies found in your medical records. These things have been happening in increasingly alarming numbers.

In fact, the Identity Theft Resource Center reported that the number of health/medical data breaches leaped from 13 in 2005 to 269 in 2013, comprising 43.8% of the 614 breaches reported last year.

Here are some things the Federal Trade Commission says you should keep an eye out for:

  • A bill for medical services you didn’t receive
  • A call from a debt collector about a medical debt you don’t owe
  • Medical collection notices on your credit report that you don’t recognize
  • A notice from your health plan saying you reached your benefit limit
  • A denial of insurance because your medical records show a condition you don’t have.

Should your medical records be lost or stolen, there are steps you can take to mitigate the potential fallout. The FTC offers a helpful checklist victims of medical identity theft should take, starting with informing yourself of your state’s health privacy laws:

  • Get copies of your medical records so you know that they’re accurate.
  • Get an accounting of disclosures so you know who’s received copies of your medical records.
  • Ask for corrections should you find errors

Unfortunately, once you’re involved in a data breach, you are at an increased risk of falling victim to identity theft. So, now, In addition to regularly monitoring your financial statements and credit report, you’ll want to make sure you stay on top of your insurance benefits and medical records, too. It’s the wise thing to do.

Image courtesy of Flicker user Phalinn Ooi.

Ezzy Languzzi

Ezzy is a working mother and educator. She writes from the perspective of a parent seeking to strike a balance between all that technology has to offer and its privacy implications. Ezzy lives in Boston with her husband, son, two dogs, and two chickens.

Join The Discussion

Your email address will never be published.