Your internet search and browsing history can be seen by search engines, web browsers, websites, apps and hackers. You should protect your search and browsing history
Several tactics can lead to medical identity theft, including someone physically stealing your sensitive information, phishing scams, insider attacks and data breaches. Continue reading to learn what medical identity theft is, how it can happen and ways you can protect yourself against it.
What is medical identity theft?
Medical identity theft occurs when someone steals your sensitive information, such as your Social Security number or health insurance, to submit fraudulent claims and receive medical care in your name. If you have unexpected medical bills for treatments or prescriptions you never received, you are most likely a victim of medical identity theft. Using your health insurance, cybercriminals can buy medical devices, order prescription drugs and even receive surgical procedures in your name.
How medical identity theft can occur
There are several ways you can become a victim of medical identity theft if you are not careful.
Physical theft of sensitive information
Do you keep sensitive documents like your Social Security card or medical insurance in your wallet or purse? If you do and your bag gets stolen, the thief can use your sensitive information to commit fraud and identity theft. You should never carry around your health insurance card unless you need to bring it to a doctor’s appointment or pharmacy. Some identity thieves will even look through your mail or garbage to steal prescriptions, medical billing statements or health benefit documents, so be sure to shred any important information you no longer need.
Phishing scams
Falling victim to phishing scams can lead to medical identity theft because a cybercriminal could impersonate a healthcare provider to obtain your sensitive information. Phishing attacks happen when a cybercriminal persuades or tricks you into sharing private information, like your medical insurance or Social Security number, by pretending to be someone you trust. Although phishing scams typically happen over email, you can also receive them over text (smishing) or phone calls (vishing). For example, a cybercriminal might claim to work for a doctor’s office and request your medical information to confirm an appointment or prescription.
Insider attacks
Although people generally trust healthcare workers, insider attacks can sometimes occur, jeopardizing your privacy and identity. Insider attacks happen within organizations, like hospitals, when employees steal data with malicious intent. Employees may conduct insider attacks to sabotage their current organization, steal patients’ information for themselves or sell patients’ information for money. For example, an employee at your doctor’s office may take your sensitive information and sell it on the dark web for financial gain.
Data breaches
Healthcare organizations are common targets of data breaches because they possess large amounts of sensitive information valuable to cybercriminals. Data breaches occur when a cybercriminal hacks into an organization’s network and steals information – either to use for themselves or sell to other cybercriminals. In healthcare data breaches, cybercriminals target hospitals or health insurance organizations since they have patients’ medical records, prescriptions, addresses and other sensitive information.
Some of the most recent cyber attacks have happened within the healthcare industry, including Change Healthcare and Ascension hospitals. In these attacks, many healthcare providers suffered data breaches, compromising patients’ medical diagnoses, test results, drug prescriptions and health records. Some hospitals, like St. Margaret’s Health in Illinois, have even been forced to close due to the impact of cyber attacks.
Oversharing online
Although it’s fun to share life updates online, oversharing, especially on social media, can lead to your identity getting stolen. Be careful not to reveal any Personally Identifiable Information (PII) online, such as your home address, driver’s license, passport or Social Security number. Your medical records also classify as PII, and someone could access that information if you fall for phishing scams or try to send private information through email or text. Since emails and text messages aren’t encrypted, someone could intercept sensitive information while you’re sending it through a type of cyber attack called a Man-in-the-Middle (MITM) attack. Once a cybercriminal has taken your PII from social media or other online accounts, they can use it to impersonate you and commit medical identity theft.
How to protect yourself against medical identity theft
Despite how scary medical identity theft sounds, there are multiple ways you can protect yourself and your sensitive information.
Create strong passwords
By creating strong and unique passwords for each of your online accounts, you can protect your identity. A strong password should not include personal information and should incorporate a combination of uppercase and lowercase letters, numbers and symbols. Strong passwords are typically at least 16 characters long because the longer and more random your password is, the more difficult it will be for a cybercriminal to crack.
You can use Keeper Password Manager not only to store your passwords but also to create strong passwords. With its built-in password generator feature, you can create a unique password for each of your accounts, including all your medical-related online accounts. This ensures that your sensitive information is guarded with strong passwords and that those strong passwords are protected in a safe, digital vault. When your sensitive information is protected with strong passwords and in an encrypted location, you can help prevent your identity from being stolen.
Never share medical or health insurance information online
Since medical and health insurance information contains very sensitive data, it is important that you never share this information online. Avoid taking pictures of any health information and posting it on social media platforms because you never know who might steal your information. Even close friends or family members could take your PII and use it to impersonate you to receive medical benefits or have procedures.
If you need to share sensitive information, make sure you do it in a secure way and with people who you trust. You can use a password manager to share sensitive information since your information will remain encrypted. Keeper Password Manager uses zero-knowledge encryption, which means that your information will be encrypted at all times, and no one besides you – not even Keeper – can see it.
Securely store medical information
Your medical records and health insurance information should be stored in a secure place. As mentioned earlier, make sure to shred any important documents that you no longer need because identity thieves can search your garbage for PII. If you don’t have access to a shredder, use a black marker to conceal your sensitive information so that nothing private is revealed.
You can digitally store your sensitive information in a safe location by using Keeper Password Manager. You can store important files, PDFs, documents and photos in addition to passwords. Use Keeper’s Secure File Storage to conveniently organize your private files in an encrypted space and securely share sensitive documents with those you trust.
Check your medical records
Get into the habit of checking your medical records at least once a year for any suspicious activity. If you notice any unfamiliar activity, contact your healthcare providers and report the issues to them in writing. You should also check your medical bills to ensure you are charged only for legitimate services, prescriptions or procedures that you received.
Regularly review credit reports
It’s important to review your credit reports for any signs of medical identity theft. Look for any unexpected changes or suspicious activity, like debt related to medical procedures you didn’t have. Contact each of the three major credit bureaus (Experian, TransUnion and Equifax) if you find anything suspicious in your credit report.
Stay safe from medical identity theft
Protect any PII and sensitive physical documents, like your health insurance card, to stay safe from medical identity theft. If your sensitive information isn’t kept in a secure place, both digitally and physically, you risk falling victim to identity theft, and your PII could be used to commit medical fraud.
Start a free 30-day trial of Keeper Password Manager to create and store your strong passwords for online accounts, medical-related information and more.