How to Combat Medical Identity Theft

by  Mike Murphy

There are so many different forms of identity theft, it’s hard to keep track of all of them. But one of the worst kind is medical identity theft.

This kind of theft can create chaos in your life and that of your loved ones. You lose more than just money with this kind of thievery.

By stealing your medical records, thieves get access to so much more of your other personal information.

Many times, when they steal these medical records, they get your social security number, your insurance provider/carrier, and other personal identifiable information.

Once they get their greedy hands on all of that, they can wreak havoc in almost any area of your financial life.

So how do you combat this and give yourself better ID theft protection?

What are your options to safeguard yourself against medical identity theft and its disastrous effects on your finances?

Here’s a few approaches you can take.

Avoid Medical Identity Theft by NOT Oversharing

The Anthem breach in 2015 was linked to ID theft of social security numbers.

Think about it, why does a doctor need your social security number to give you a routine physical? Some offices are adamant about getting all information.

But you also have rights. Ask if you have to share all information and ask why. If they require it, you have a right to know why.

Most importantly, you have the right to ask how they’re protecting your information. So, ask questions, even if the front desk clerk at your doctor’s office doesn’t want to answer them.

Check EOBs in Detail

Check your explanation of benefits (EOB) in depth.

Each time you go to the doctor, you receive an EOB. This is part of your HIPAA rights to access of your medical information. 

What this information details includes…

  • Previous doctor visits in office
  • Procedures you’ve had completed
  • Medications you’re on
  • Your blood pressure levels and other medical history data from previous visits

If there’s a mistake or something suspicious, call your doctor, health care providers, and insurance company immediately.

Even if it ends up being something you don’t remember, or something you didn’t know the name for, which you actually had done, it’s best to be safe rather than sorry.

Your credit report is also a great place to look for unauthorized expenses/open credit lines.

If medical work you didn’t have done is listed, or someone opened a medical application/card under your name, the FTC and credit bureaus should be notified immediately.

You have access to a free credit report annually, from each of the three bureaus, make use of them!

Take full advantage of that to help prevent medical ID theft and fraud.

If you have ID theft insurance, you’ll only be covered for expenses you incur while trying to reverse the damage from the theft.

Make Sure IDs are Checked

This is a big one. Have you ever gone to the doctor and they don’t check your ID when you visit? Okay, if you’ve been to the office 100 times and you know the staff by first name that’s one thing.

But, if it is a first-time visit, wouldn’t you expect your doctor’s office to confirm that you are who you say you are? 

The grocery store won’t sell you something that costs more than $20 without an ID, why should your doctor be any different?

If an office or practice doesn’t ask for your ID during a visit, ask why?

Especially if you’re new or a newer patient. You need to know that if they’re not taking this precaution, they’re likely not doing other things properly either. 

Do you really want to be seen by that office and staff?

It’s ultimately up to you, but you have the right to inquire as to how an office is handling your medical care and your identity, especially if they’re not taking a step as simple as asking for your ID to protect you.

Store Information Carefully

Believe it or not, paper files might be your best friend in today’s world of online theft. But, even with paper files, you need to be thoughtful in how you’re storing your medical records.

DVDs, CDs, online files, the Cloud.

Yes, these online electronic systems for storage are excellent. But, there are risks. When using the Cloud or other online storage mediums, make sure:

  1. Encryption and decryption are utilized appropriately
  2. There is an S (https) as this shows whether a site is secure
  3. There are two-factor authentication options (to check your fingerprint, phone number or other biometric)
  4. That additional password and security metrics are utilized
  5. That a site requires you to change passwords regularly and doesn’t allow you to use the same password twice
These are a few of the many ways to protect your information online. 
A doctor’s office should employ them. 
And, when you’re using your own systems to store medical records online, these are some things to look for in deciding where and how to save medical records.

Avoid Public Wi-Fi and use Malware Software

Make sure you have great malware software in place, and that you’re not accessing medical records utilizing public wifi.

Anyone can access public wifi, meaning any hacker or person out to commit medical identity theft can gain claim to your medical records if they know their way around a computer or security block.

Use your best judgment. If a password isn’t required, or you aren’t sure how secure a space is, don’t access private medical records or financial records for that matter, from that location.

It’s not so much that someone wants to steal your age, height, weight, and DOB, although these might all be appealing to someone who’s older and not as physically fit as you are.

They want what comes along with your medical records.

Your SS number, DOB, your phone number and home address, so they can open up new credit card accounts or gain access to your credit report.

And, they want to use your stolen identity to improve their lives financially, while reigning havoc on yours.

HIPAA and other consumer protection services are in place for a reason. Utilize the power of these safeguards, and if you still aren’t sure, add an additional credit monitoring service provider to the mix.

Although you might never be a victim, you shouldn’t wonder what if, or what I could’ve done to prevent it.

Take the right steps early. Utilize some of these best practices to safeguard your financial records, medical records, and protect your good name and your family’s PII online.