Is your medical privacy at risk? How to protect your medical information

Last year, more than 2 million Americans were victims of medical identity theft. This type of identity theft can be just as serious as when your financial information is stolen. But there are several important steps you can take to protect your medical privacy.

How can medical identity theft impact you?

Your medical records can contain a great deal of sensitive information, including:

• Your Social Security number
• Home address and other contact information
• Personal and family medical history
• Lifestyle factors, such as smoking, alcohol and drug use, sexually transmitted disease risk factors
• Diagnoses and medical opinions
• Prescriptions
• Lab and diagnostic test results
• Participation in clinical trials
• Genetic test results
• Surgical procedures and outcomes
• Bills and insurance claims

The breach of this information can have a personal, financial, and medical impact. Thieves can use that information to open bank and credit card accounts, take out loans, or get documents like driver’s licenses and passports in your name.

In addition, if your medical identity is stolen and treatment is received in your name, incorrect information can be added to your records. That could lead to serious treatment errors if you need emergency care and aren’t able to answer the doctor’s questions about your health.

Take these steps to protect the privacy of your medical records

1. Talk to your doctor and any other healthcare providers or facilities where you receive care and tell them about any privacy concerns you have. Make sure that the providers comply with HIPAA regulations in regard to protected health information and HITECH in regard to electronic records.

2. Ask your doctors how they share your medical information and with whom. Carefully read any HIPAA privacy statements and release forms before signing them because these forms can vary from provider to provider. You have the right to limit what information can be shared and with whom it can be shared by making specific notations on the forms.

3. Check your electronic medical record and insurance claim Explanation of Benefits for accuracy on a regular basis. In cases of stolen medical identity, frequently victims first spot the crime when they see bills or other information about medical care they did not receive. If you do see claims, bills, or information about care you did not receive, follow up with the healthcare provider and insurer by phone and in writing so there’s a record of what you’ve reported. In the letter, outline the specific errors in your record and request that changes be made. Follow up and ask for a corrected version of the records for your review.

4. Check your credit report for debts for medical care you did not receive and dispute these charges in writing with all three credit bureaus.

5. Protect your insurance card as carefully as you protect your credit cards.

6. Actively select the ways that your provider may share private information with you. You may or may not prefer text, email, fax, or voicemail. Make sure that you make your preferences clear. Bear in mind that unencrypted email is not secure.
7. Don’t share specific personal medical information online, for example on message boards or chat rooms for people diagnosed with a certain health problem. If you use health or fitness apps, be sure to check whether the provider tracks the information you store, how it’s used, and whether it can be sold to a third party.

A secure curated medical record that’s monitored and updated by a personal health advisor can be another tool that can help ensure your medical information is protected, accurate, and can be quickly and securely shared with doctors in an emergency.