What is Medical Identity Theft?
Following data theft incidents that are made public or come as an awful surprise, victims are suddenly faced with serious consequences that may include financial fraud and identity theft. There is also a potentially devastating result of a personal data breach that is often overlooked, and which is increasingly common: medical identity theft.
Medical identity theft can be very costly. A majority of victims pay an average of $13,500 to resolve instances of medical fraud, and many pay much more. When identity theft targets insurance providers or government programs, the costs are seen in higher insurance costs and increased taxes.
Joe Lyon investigates consumer data privacy cases for plaintiffs nationwide. After any data theft event, it is critical to take immediate action, and sometimes legal action is necessary to recover substantial damages.
Medical Identity Theft Definition
Medical identity theft can occur when a hacker steals or uses personal information (names, Social Security numbers, or health insurance numbers) to submit fraudulent claims. Medical identity theft can not only result in huge medical costs but can disrupt your own medical care.
Cybercriminals can easily use personally identifiable information (PII), personal health information, healthcare data and prescription history to commit fraud.
In many cases of medical identity theft, fraudulent insurance claims are submitted for services that were never provided for you, but for someone else.
In recent years, medical data was kept in paper file systems, but now have almost all been converted into electronic health records, stored on medical data networks or third-party cloud systems. Because of the vast amount of electronic data stored on different devices and networks, it’s much harder to protect.
Large-scale healthcare data breaches have been on the rise over the last five years, including a major hack of Anthem when about 70 million of its personal records were reportedly stolen.
How Does Medical Identity Theft Occur?
With merely the information taken from a misplaced wallet, a thief can commit medical identity fraud. More often, however, the personal data is stolen from healthcare entities’ networks and sold on the dark web, endangering millions of Americans each year.
Aside from basic ways to protect your medical information, it is prudent to look out for signs that someone is using your medical information. Some obvious medical identity theft red flags include:
- Getting a bill from a doctor or hospital for services you didn’t get
- Billing errors or errors in your Explanation of Benefits statement
- Bills for prescription medications you don’t take
- Any calls from debt collectors about a mysterious medical debt
- Medical debt collection notices that you don’t recognize on a credit report
- Notices from health insurance companies saying you reached your benefit limit
- A denial of insurance coverage because your medical records show a pre-existing condition you don’t have
Who is at Risk of Medical Data Theft?
Health industry experts say certain individuals are more likely to become targets, including people on Medicare and the elderly. Older adults are more susceptible to scams because they tend to be less guarded about disclosing personal health information. Children’s health records are also valuable because a minor’s clean credit report can be used when no one is checking credit reports.
New mothers, surgery patients, and people with chronic conditions like cancer are also at higher risk because of an increased activity within the healthcare system, and the more opportunity for medical records to be breached.
Anyone who posts personal information on social media are at higher risk. The more information available online, the more an individual may be targeted.
Medical Identity Theft Protection
The good news is that there are certain things you can do to protect your medical information. First, individuals can keep medical records, health insurance records, and other related documents in a secure place. Personal health information can include the following:
- Health insurance enrollment forms
- Health insurance cards
- Prescriptions
- Prescription bottles
- Billing statements
- Explanation of Benefits statements
- DNA testing results
When medical documents are no longer needed, they should be disposed of. In the case of paper forms, they should be shredded. Electronic data should be destroyed as well. Any medical statements sent to you in the mail should be carefully handled, and individuals should consider changing to an online account for medical bills or Explanation of Benefits statements. At all costs, protect your Social Security number, which can be used to commit fraud quite easily.
It is important to not give your medical information to anyone who calls, emails, or texts you unexpectedly. Ask anyone inquiring about your data for more information and find a company phone number to reach them at a later time.
Medical Data Theft Lawyer
If you suspect someone of using your personal health information for devious purposes, contact a lawyer. Victims should submit a claim to their insurance provider, contact their financial institutions and credit agency. If you confirm medical identity theft, victims should contact an attorney and begin with collecting and reviewing medical records, and reporting errors. Contact doctors, clinics, hospitals, pharmacies, laboratories, and health insurance companies where the thief may have used your information.
Your health care provider must respond to a medical record request within 30 days and must notify other health care providers who may have the same errors in their records.
The Lyon Firm is currently involved in a variety of class action data breach litigation, representing plaintiffs nationwide. If you suspect medical identity theft or personal data theft, contact Joe Lyon for a free and confidential case review. Companies may be held accountable for their negligence and compensation may be available.