Health information is valuable. Your doctors need swift and easy access if they are going to provide effective treatment, especially in an emergency. But health data also has value to researchers and advertisers, and medical financial information is attractive to criminals who can use it to steal medications, equipment and services.
Now that medical records are being kept electronically, they can more easily be misappropriated. Health care providers and insurers have been hacked, creating worries about privacy, as well financial vulnerability. Medical companies that get access to health information may bombard you or your child with advertising for treatments that you don’t want or need. A thief who gets access to insurance information can ruin your credit and max out your benefits. Just as worrisome, a person who accesses health services under the name of a family member may have his information entered into the medical record, creating confusion that can have serious consequences.
Protecting your family from these problems requires vigilance. Get into the habit of following these rules:
Study statements. Check provider names, dates of service and the type of service provided. Does anything look unfamiliar? Were you billed for the same thing twice? If you see a mistake, report the problem as soon as possible.
Check EOBs. An Explanation of Benefits from your insurance company usually says “This is not a bill” at the top. That’s not a reason to ignore it. Match EOBs to statements from medical providers. If there are any discrepancies, contact your insurance company immediately. An inaccurate EOB may be your first indicator that someone else is using your insurance information.
Sign up for online accounts. Many doctors and pharmacies provide patients with password protected access to personal medical files. Not only is this an easy way to check the accuracy of records, but it also keeps anyone else from setting up an account under your name.
Correct misinformation. Fraudulent medical claims can introduce inaccurate information into medical records. If you become aware of errors in your medical files, ask that they be corrected. Keep in mind that the medical provider who created the record has responsibility for changing it but won’t necessarily notify any other providers who may have received the information. Follow up with each of them to be sure records are accurate.
Set Up Personal Health Records. Having your own records makes it easier if you need to change health care providers. MyPHR.com has an extensive list of record-keeping apps and programs, as well as paper forms that can be downloaded. Regardless of format, you’ll want to record the following information for each family member:
- Dates of immunizations
- Lab results, including blood type
- Allergies and sensitivities to medications, foods and materials
- Prescribed medications, including dosages
- Treatment for chronic conditions such as asthma
- Treatment for unusual conditions, including hospitalization or ER visits
Because genetic history is likely to become more important in your child’s lifetime, you may want to use the same file to record medical conditions of ancestors and other family members as you learn about them.
Keep records safe. Use a password to protect health records stored online. Store paper records in a safe place—a locked filing cabinet is ideal. Shred outdated health insurance forms, prescription receipts, physician statements and even the labels from prescription bottles.
Guard your numbers. Treat your insurance card as carefully as your credit card. If you lose it, call the insurance company immediately. Avoid putting social security numbers on health information forms. Numbers for children are especially desirable to thieves because you may not detect a problem until the child applies for a driver’s license. If forms from medical providers or, for that matter, schools or sports teams ask for social security numbers, leave the space blank. Don’t share medical or insurance information on the phone unless you initiated the contact. Don’t provide it in response to email.
Be smart online. Thanks to HIPAA, medical providers must take privacy seriously. But those rules don’t apply to social media, message boards or companies that sell wearable medical devices. Think carefully about sharing health information online. You may want to restrict it to an inner circle of family and close friends. Consider using a nickname if you decide to share health information in online support groups or forums. Think carefully about equipping children with any kind of wearable medical device—even a pedometer—that shares or aggregates health data.
Be skeptical about free. Medical identity thieves try to trick people into revealing sensitive medical information by offering free products and services. Drug companies and other suppliers set up free forums to harvest information that may be useful in marketing. Free medical apps may collect information that is sold to advertisers. Before accepting a deal that seems too good to be true, read the fine print—especially the privacy policy.
If, despite all these precautions, you suspect someone has stolen the medical identity of a family member, act swiftly, following the steps outlined at IdentityTheft.gov/#what-to-do-right-away. You also can request an Accounting of Disclosures, a record that details when, what, to whom and why your medical information was shared by your provider. Even if you don’t suspect medical fraud, you may want to request a disclosure report, as well as reports from the three major credit agencies (AnnualCreditReport.com). By law, you are entitled to a free copy of each of these reports each year, and you may sleep better at night if you know they’ve given your family a clean bill of health.
Carolyn Jabs, M.A., raised three computer-savvy kids, including one with special needs. She has been writing “Growing Up Online” for more than a decade, and other columns appear at Growing-Up-Online.com. In 2016, she will publish Cooperative Wisdom: Bringing People Together When Things Fall Apart.
Carolyn Jabs, M.A.