The accelerating pace of healthcare data breaches and the long-term impacts of becoming a fraud victim mean consumers must become their own first line of defense against medical identity theft, America’s fastest-growing identity crime.
According to statistics provided by the Department of Health and Human Services, HIPAA-related healthcare data breaches have affected more than 34 million people in the United States. These stolen records provide the raw material for future crimes, including identity theft, tax fraud and significant insurance fraud.
“Medical identity fraud is more than a financial issue – it’s the most critical patient safety challenge of our time,” said Christine Arevalo, VP Healthcare Fraud Solutions, for ID Experts. “When someone steals your medical identity, they corrupt your individual health record, so the next time you receive care your doctor can be working off a file riddled with bad information.
“Healthcare organizations can do more to protect the information they collect, but consumers have to join in the fight to protect themselves and their families.”
ID Experts, which works with both consumers and organizations to mitigate the impacts of data breaches, offers 10 tips for protecting against medical identity fraud:
ID Experts’ Top 10 Medical Identity FRAUD prevention tips
1. Protect your health insurance card as carefully as you would your Social Security or credit cards.
Theft of these cards allows someone to assume your identity to received care. Treat their loss as seriously as a missing credit card; notify your insurance company and include it on any police report you file.
2. Never share your insurance with a friend or family member.
It’s not just about the legal consequences of fraud. When someone pretends to be you to receive health care your lifetime medical records become compromised. This can lead to a future misdiagnosis, a prescription mistake or other inappropriate treatment.
3. As with your financial accounts, create unique passwords and update them often.
Patient portals are a great way to improve the coordination and quality of care, but these credentials are just as vulnerable to hackers as your bank information. Use strong passwords and protect them.
4. Know where your information is being shared.
You are well within your rights to find out with whom your insurance company and medical providers have shared your personal information. Consumers are entitled to one free copy of this every year from each of their providers.
5. Be observant in medical offices.
Don’t just fill out the HIPAA policy form and then assume your provider is being careful. Look for signs of concern, like medical records sitting open on desks or unattended and unlocked computer terminals. Raise concerns with the staff if you have them – or find another provider.
6. Properly store and dispose of sensitive documents.
Keep all papers and electronic copies of your records in a secure location. Shred any outdated medical documents, including old prescription labels.
7. Never accept an unsolicited offer of free medical care.
In the state of our current economy scammers or institutions may try to lure you in with the promise of “free” services in order to obtain names and medical insurance information for use in fraudulent claim submissions.
If you are notified that you have been a victim of a healthcare data breach:
8. Demand more than just credit monitoring services.
If you are notified of a data breach, you may be offered credit monitoring services. These offerings cannot detect medical identity fraud. Tell the breached organization you want a service that will both monitor your health identity and alert you to any potentially fraudulent activity involving your health insurance.
9. Do NOT provide your medical information to someone who calls or emails you about your “possible involvement in a recent breach.”
Scammers follow the news and will “phish” for additional personal or financial information to further steal your identity. Legitimate organizations and companies will never ask for this information via unsecured channels.
10. Place fraud alerts with the three major credit bureaus.
This will entitle you to free credit reports so you can ensure nothing is amiss. It’s not a complete solution for medical identity theft, but medical collection notices may appear there. Start here to find out more: http://www.consumer.ftc.gov/articles/0279-extended-fraud-alerts-and-credit-freezes