The Scourge of Medical Identity Theft
Robert Siciliano Identity Theft Expert
Medical identity theft can make you sick. As I once eloquently explained on CBS’s Early Show, if medical identity theft happens to you, “you’re screwed.” And it’s true.
Medical identity theft occurs when the perpetrator uses your name and, in some cases, other aspects of your identity, such as insurance information, to obtain medical treatment or medication or to make false claims for treatment or medication. As a result, erroneous or fraudulent entries wind up on your medical records, or sometimes entirely fictional medical records are created in your name. Having somebody else’s ailments noted on your medical records can create a great deal of confusion, potentially even negatively impacting your own health or medical treatment.
As of last week, a new rule requires health care providers, health plans, and other entities covered by the the Health Insurance Portability and Accountability Act (HIPAA) to notify individuals of any breaches of their medical information. A breach, in this case, is defined as, “the acquisition, access, use, or disclosure of protected health information in a manner not permitted [by the HIPAA Privacy Rule] that compromises the security or privacy of the protected health information.”
Most states have required corporations to disclose data breaches for the past few years. Ever since the ChoicePoint breach in 2005, states have been implementing notification laws. At the time, ChoicePoint was only required to notify California residents. Once word spread that residents of other states had also been compromised in the breach, ChoicePoint became the poster child for what not to do in response to a data breach.
Since health care facilities often handle and store some of the same sensitive personal information that corporations do, these facilities are now subject to similar regulations. But protecting yourself from medical identity theft isn’t as easy as protecting yourself from financial identity theft.
- Medical ID cards, insurance cards and medical statements that come in the mail can all be used to steal your medical identity. Install a locking mailbox to prevent your mail from being stolen.
- Don’t carry cards in your wallet unless absolutely necessary like when you have an actual appointment.
- Protect medical information documents. Shred all throw away documentation and lock it up when it’s in your home or office.
- Treat your medical identity similarly as you treat your financial identity by getting similar protections. If the thief can’t steal your financial identity then your medical identity may be less attractive. Protecting yourself from new account fraud requires more effort. You can attempt to protect your own identity, by getting yourself a credit freeze, or setting up your own fraud alerts. There are pros and cons to each.
Robert Siciliano identity theft speaker discusses medical identity theft on the CBS Early Show