Medical Identity Theft is been happening at an alarming pace these days. Everyday there is news reports about health data breaches in hospitals, private practices and other medical organizations.
So what can a consumer do when their health data is compromised?
And what can one do to protect the data from being compromised in the first place?
Here are some examples of how data breaches occur:
- A laptop or a mobile device with patients records info is stolen or lost
- A hacker may have reached the health organization’s computer system
- Paper health records stolen from the premises
What kind of information can be stolen or hacked?
- Health insurance numbers
- Social security numbers
- Medical information
- Creditcard information
Signs that a data breach has occurred on your health information:
- You receive a data breach notice from a healthcare organization
- Unknown items in the Explanation of Benefits(EOB) from your health insurer
- You receive a notice from your health insurer or health plan stating you have reached your benefit limit
- Call from a debt collector
- Unusual questions asked during check in at your health provider
So, what can you do to protect your privacy?
Depending on the type of information compromised, there are several steps you as a consumer can take to protect themselves:
1) If a social security number is stolen:
- Call the 3 Credit Bureaus: TransUnion, Equifax, Experian and alert them of the breach
- Have the credit bureaus put a fraud alert on your file
- Get a copy of your credit reports and review it carefully
- Report any unusual or incorrect information immediately and have them removed
2) If a Health Insurance of Health Plan number is stolen:
- Call your health insurer and have them make a note of the breach
- Review the “Explanation of Benefits” statement from your health insurer very carefully
- Check for a service you did not receive, an office visit you did not make, or medical equipment you did not request on the statement
- Have them investigate anything you find suspicious
- Contact the doctor, pharmacy, laboratory, health plan, or other provider who submitted the information to the insurer. Ask to see your medical records about the item you are seeing in the Explanation of Benefits.
- Review all the information you receive from your insurer and your related medical records. If you still believe the item is incorrect, contact the health care provider’s medical records department or privacy officer. Request to have your medical records corrected.
3) If a call from a Debt Collector for unpaid medical bills is recieved:
- Do not pay the bill and ask for a copy of the bill and related documents
- Call your health insurer or health plan. Tell them about the bill, explain that you did not receive the services and ask them to investigate it.
- Contact the health care provider who provided the services. Tell them you received a bill or call about a service you did not get. Ask them to check their billing records. If they confirm the bill, ask them for a copy of your medical records related to the service.
- Request to have your medical records corrected in writing. You may need to get a police report of identity theft to go with your request.
Federal Law requires providers to put up Notice of Privacy Practice at their offices or website. This notice will have instructions on how to order copies of your medical records, how to request an amendment or correction, how to file a privacy complaint, and other helpful information.
Need further Information? Click here
Latest posts by EHR 2.0 (see all)
- Trump Administrations’ Effect on Healthcare Organizations - January 23, 2017
- HIPAA Fine for Lack of Timely Breach Notification - January 11, 2017
- HIPAA Compliance 2016 Year in Review - January 9, 2017