The stack of mail was like the mail on any other day: a few bills, a few pieces of junk mail, a couple of letters. I didn’t think anything of it as I opened the envelope addressed to me from my medical provider.

The letter inside, however, startled me. It was addressed to another patient with his lab test results, a violation of HIPAA, the 1996 federal Health Insurance Portability and Accountability Act, which aims to protect patient privacy.

I quickly informed the doctor of the mistake and shred the letter without reading it. But the incident made me wonder if any of my own medical details might be in the hands of someone else.

Consumers, beware. Identification and medical theft are almost as certain as death and taxes these days. Since the advent of digital technology to replace paper records, we now face a greater risk of medical data breaches.

Implemented in 2009, HIPAA requires health care providers and their vendors to implement strong data security measures. It has been a costly and slow process. Yet even with strict measures in place, malicious insiders with access to medical files, billing and insurance records, plus tech-savvy hackers, often outsmart the systems. This puts us all at risk for identity theft.

[lz_ndn video =29943091]

The U.S. Department of Health and Social Services reports that 11.7 million individuals were affected by compromised medical breaches in 2014. That number spiked to 112 million in 2015. These numbers do not even reflect breaches affecting less than 500 people per incident.