Even when healthcare organizations take precautionary steps to protect personal information, breaches still occur. Like the recent data breach at the University of Pittsburgh Medical Center that resulted in the personally identifiable information (PII) of 1,300 current and former patients and 322 employees, including names, dates of birth, contact information, insurance information, medical treatment and diagnosis information, and Social Security numbers. Medical identity theft isn’t always perpetrated by outside hackers, employees are often to blame.
What Does Medical Identity Theft Look Like?
Medical identity theft comes in many different forms. Identity thieves may use an unsuspecting victim’s medical records to secure prescriptions, medical products and services, or to file fraudulent claims to third-party payers, such as medical insurers and government insurers Medicare and Medicaid. Unlike other forms of identity theft that result in a bruised credit file and bad headache, medical identity theft is a dangerous crime that could threaten not only your financial health, but your life. Imagine going to the emergency room to learn that your medical insurance has been maxed out or being misdiagnosed or mistreated due to inaccuracies found in your medical records. These things have been happening in increasingly alarming numbers.
In fact, the Identity Theft Resource Center reported that the number of health/medical data breaches leaped from 13 in 2005 to 269 in 2013, comprising 43.8% of the 614 breaches reported last year.
- A bill for medical services you didn’t receive
- A call from a debt collector about a medical debt you don’t owe
- Medical collection notices on your credit report that you don’t recognize
- A notice from your health plan saying you reached your benefit limit
- A denial of insurance because your medical records show a condition you don’t have.
Should your medical records be lost or stolen, there are steps you can take to mitigate the potential fallout. The FTC offers a helpful checklist victims of medical identity theft should take, starting with informing yourself of your state’s health privacy laws:
- Get copies of your medical records so you know that they’re accurate.
- Get an accounting of disclosures so you know who’s received copies of your medical records.
- Ask for corrections should you find errors
Unfortunately, once you’re involved in a data breach, you are at an increased risk of falling victim to identity theft. So, now, In addition to regularly monitoring your financial statements and credit report, you’ll want to make sure you stay on top of your insurance benefits and medical records, too. It’s the wise thing to do.
Image courtesy of Flicker user Phalinn Ooi.