Critical Care: The Importance of Protecting Your Medical Identity

Two major US healthcare providers recently suffered data breaches, compromising the personal medical information of 300,000 patients and adding to the long list of medical providers targeted by cyber attacks. During the past several years, there’s been a concerted effort by cybercriminals to steal medical records so they can conduct medical identity theft and exploit sensitive health data for financial gain.

The targeting of healthcare providers isn’t expected to subside anytime soon, making it vital to understand the risks so you can protect your medical identity.
 

What is medical identity theft?

Medical identity theft is when someone fraudulently uses another individual’s personally identifiable information (PII) — such as their name, address, Social Security number or health insurance account number — to receive medical services, buy medical equipment or make fraudulent medical insurance claims. Using the victim’s health information can help the fraudster avoid paying for services or get medications and medical devices they likely aren’t supposed to have.

Unlike other forms of identity theft, medical identity theft can directly impact your physical well-being. If a fraudster’s medical details get mixed with yours, your future care could be affected. For instance, some victims may not get the prescription medications they rely on, while others may be denied necessary treatments.

Plus, correcting the medical record and resolving any outstanding issues can be a complex and time-consuming endeavor to say the least.
 

Signs your medical identity may be compromised

Given the continuing trend of healthcare breaches, it’s understandable to be concerned about your data’s exposure. When data is misused for medical identity theft, there are a few indicators from healthcare providers, financial agencies or your insurance provider you might see, including:

• Bills for medical services you didn’t receive or medical devices you didn’t purchase
• Invoices from a hospital or doctor’s office you’ve never been to
• Inability to fill prescriptions because there are supposed contra-indications
• Notifications you have reached benefit limits or are being denied coverage due to incorrect medical records
• Your credit report shows notices for unrecognized medical debt collection, or collection agencies call about unknown medical bills.

Recognizing these indicators can help you respond more quickly to medical identity fraud and medical ID theft — and the faster your response, the better you can contain the potential damage.

What to do if you’re the victim of medical identity fraud

If you suspect your medical identity has been compromised, don’t panic. There are steps you can take to reduce the potential impact and get on the road to recovery.

You should immediately gather copies of your medical records and review them for discrepancies. If you find any issues, report them to your insurance company so you can start resolving them. You might also request a new health insurance ID number so your old one can be canceled, thereby making it less useful to fraudsters.

If your health insurance is provided through work, notify your employer so it can coordinate with the provider on any response.

Contact the healthcare provider involved and complete a patient access request form to get copies of your medical records it has on file. That way, you can ask your healthcare provider to correct those records — and have affiliate labs and other providers update their files as well.

If the healthcare provider raises concerns your access to these records violates the privacy of the other person using your information, go to its Notice of Privacy Practices and contact the person listed for handling disputes of medical records.
 

How to avoid medical identity theft

After correcting any misinformation in your medical records, to avoid future instances, consider the following measures:

• Regularly check your explanation of benefits (EOB) statements or Medicare Summary Notices to verify claims paid by your health insurer and flag any activity you don’t recognize.
• Review your credit reports from the three major credit bureaus regularly. You’ll want to monitor for any delinquent medical bills in your name.
• Freeze your credit and place fraud alerts on your credit files to limit access to your credit. These steps can help deter fraudsters from using your credit information.
• Report any suspected identity theft to the Federal Trade Commission’s Identity Theft website.
   

An ounce of prevention is worth a pound of cure

Cybercrimes targeting the healthcare industry have the potential to endanger the medical privacy and future treatment of countless victims. By understanding the risks, recognizing the signs of identity theft and taking measures to safeguard your medical identity, you can better position yourself to avoid becoming a victim of this growing threat.