The increased push to make medical data available online has made access to medical charts and information more transparent for doctors, hospitals and patients. But with transparency comes the threat of criminals having access to medical information as well. According to the Ponemon Institute, more than 1.8 million Americans were victims of medical identity theft in 2013. Yet unlike the financial industry, not all health care organizations are equipped with the necessary safeguards to keep hackers at bay. In today’s cyber-marketplace, medical data is easy to steal, and more valuable than credit card data.
Security firm, BitSight Technologies, is seeing a cyber hack trend in the health care industry far more than in retail, financial institutions or utilities. Stephen Boyer, BitSight’s co-founder and chief technology officer, said on the black market, medical records sell for $20, while credit card information is only worth $1. With your medical information thieves can process fake claims, trade test results to obtain treatments or drugs, and obtain credit cards, loans and commit tax fraud.
While the threat of medical hacks is rising, there are steps you can take to protect your identity and stay alert for possible mistreatment of your health records.
1. Be An Investigator
Every explanation of benefits (EOBs) you receive from your health insurance company, and bills from providers should be thoroughly reviewed for any unusual charges that don’t match your appointment or medical history. If you have online access to your medical records, check to see if mysterious prescription drugs are going against your prescription drug deductible. If you find suspicious activity on your paper bills or online, contact the customer service department of your health insurance carrier immediately.
2. Get a Smart Password
It’s tempting to create a password with your last name and birthdate for every account, and never change the sequence. However, using personal information is one of the easiest ways hackers can access your data. The U.S. Computer Emergency Readiness Team recommends:
- Never using personal data, even if it’s a numerical sequence, like your birth date.
- Don’t use words that can be found in the dictionary. Hackers can run a dictionary of words up against encrypted data to determine a password.
- Use a verse of formula to remember difficult passwords. For example, “I love to cook broccoli all day long” can help you remember the password: 1LtcbadL. Pick a phrase that is personal to you, yet fairly easy to use.
- As in the example above, use a combination of numbers, lowercase letters and capital letters. The letter “I” and the letter “L” can be substituted with “1” and the number “3” can be used for a heart symbol. “I love to cook broccoli all day long” can also be: 13tcbadL.
3. Keep An Eagle Eye On Your Credit Report
New accounts that have been opened in your name are the first signs of identity theft. Check your credit report regularly to ensure criminals are not opening lines of credit and tarnishing your credit history. If you travel often or make purchases online, check with each of the three credit bureaus throughout the year. The three bureaus do not share information, so if you notice differences on your report, contact the bureau to report any false activity.
If you suspect your medical information has stolen, contact your health insurance company as soon as possible.