Checked your credit report lately? Here’s why this might be a good idea: Medical identity theft is on the rise and the majority of victims are finding out about it on their own — as opposed to being notified about a breach from their health care institutions.
A report released this week by Accenture, a global information technology services company, shows that 26 percent of U.S. consumers have had their medical records stolen from health care information systems.
Not only is this a breach and a nuisance — it can be pricey. At least half of those who had their identities stolen ended up paying roughly $2,500 in out-of-pocket costs per incident, according to Accenture.
Unlike credit card identity theft, in which the card provider generally has a legal responsibility for account holders’ losses above $50, victims of medical identity theft often have no automatic right to recover their losses.
Breaches are more likely to occur in hospitals (36 percent). Other places that pose a risk to consumers, according to Accenture, are: urgent-care clinics (22 percent); pharmacies (22 percent); physicians’ offices (21 percent); and health insurers (21 percent).
“These computerized medical records were rushed into implementation and have proven to be inefficient,” said one nurse and patient advocate.
At least half the consumers surveyed found out about it on their own through either an error on their credit card statement or in a benefits explanation. Only 33 percent were alerted to the breach by the organization at which it occurred — and only 15 percent were alerted by a government agency.
Most often, the stolen identity was used to purchase items (cited by 37 percent of data-breached respondents), or used for fraudulent activities, such as billing for care (37 percent) or filling prescriptions (26 percent).
“When Congress imposed electronic medical records on the entire health care system through the 2009 Recovery Act, there was little thought to the vulnerability of patient data,” said Twila Brase, R.N., co-founder of Citizens’ Council for Health Freedom (CCHF), a national patient-centered health freedom organization in St. Paul, Minnesota.
“It was a reckless decision pushed by government bureaucrats and the purveyors of electronic medical records who saw the $30 billion of government grants as a pot of gold and now Americans face dangers they never faced before,” said Brase. “Adding insult to injury, these computerized medical records were rushed into implementation and have proven to be inefficient, a burden on doctors and a safety issue in patient care.”
That is far from the original intent of having easy data collection, tracking, monitoring and control of treatment decisions, she added. Her best advice to all health care consumers:
Be cautious what information you share. Never share your social security number, not even the last four digits, said Brase. Refuse to sign consent forms that give access to your data for all sorts of purposes beyond the treatment and payment. Don’t share data or answer questionnaires that you don’t want shared with countless others.
Realize HIPAA does not protect your privacy. Imagine your data being hacked and used for medical ID theft every time you think about what kind of details of your life you want to share with the doctor. Tell the doctor not to include certain information in your record.
Go back to paper. Find a doctor that uses paper records or a computerized medical records that isn’t connected to a state or national health information network. Consider paying cash for care, because the data cannot be reported to your insurance company.
Consider a medical sharing group. This is a great alternative to buying health insurance, as it reduces your costs and limits your exposure. Realize that the computerized medical record is being used as a data collection tool for government and insurers. Ask for a copy of your medical records each year to review for accuracy and check for medical ID theft.
Look at every bill you get. Check all records from the doctor and make sure you received that care.