Trending

Filed under: News

 

How Secure Are Your Medical Records?

Dec 27 2013, 4:36pm CST | by

How Secure Are Your Medical Records?
Photo Credit: Forbes
 
 
 

10 Incredibly Simple Things You Can Do To Protect Your Privacy

There are many moments when I’m grateful for the ways technology has enabled me to me take charge of my health. When I email my doctor to ask a question, for example, or every time I sign into my online health insurance account to review a claim. Or whenever I browse the Internet to research a medical condition or track my exercise and diet accomplishments with my smartphone apps.

Still, there are many moments when I’m troubled about technology’s potential impact on the privacy of my medical records. I wonder: Who else is reading the emails I send my doctor? Who’s tracking me when I research an ingrown toenail online? Even more disconcerting is my “personal health record” on my health insurer’s website — a list of my prescriptions and ailments based on doctor visits and pharmacy purchases.

And given the shaky start to the Affordable Care Act (aka Obamacare), my concern about computer security has increased even more lately.

Should I be worried? Should you?

(MORESneaky Ways Wellness Apps Invade Your Privacy)

What Privacy Experts Say

To find out, I turned to several privacy experts and asked their advice on the best ways to protect our medical records.

“We should all be concerned about medical privacy,” says Adam Levin, chairman ofCredit.com and Identity Theft 911. The reason, he explains, is simple: There are a lot of people and companies involved in processing medical payments — doctors, labs, insurers, pharmacists, pharmacy benefit managers (intermediaries between drug stores and insurers), even banks that process credit and debit cards payments — and “an awful lot of data is moving back and forth” among them. Many of these transmissions, Levin says, may not be properly encrypted.

It’s not just an idle concern. Levin told me that “breaches upon breaches have occurred in the medical area.”

One way that medical ID theft occurs is when a thief uses your name and perhaps your insurance information or Social Security number to obtain care. Alternatively, a con artist might use your identity to create a phony bill, allowing him to scam money out of others, particularly Medicare or insurers.

The results can be devastating: You could be harassed by debt collectors. You might be turned down for a job or promotion if a false diagnosis, such as depression, appears on your medical record. You could receive an incorrect diagnosis or treatment — for example, if someone swiped your identity, which then changed the blood type and allergies appearing in your records or added a bogus ailment to your charts.

What’s more, phony medical claims could prompt your health insurer to deny future claims, saying you exceeded its plan’s limits.

(MORE7 Steps to Protect Your Online Security)

Less nefarious — although possibly more detrimental — is that your medical records and the health info you share on social media sites or through smartphone apps could be used to deny you insurance or boost your premiums. (That’s why you should think twice before signing up for apps that track weight, blood glucose levels and even your anxiety level.)

Loopholes in a Law

But wait. What about those papers doctors make you sign on your initial visits, as a result of the 1996 HIPAA law (Health Insurance Portability and Accountability Act) and say which records can be disclosed and to whom. Aren’t they supposed to protect your privacy?

Actually, that law excludes life insurers, self-help websites, companies collecting health data given voluntarily to surveys or research and firms that conduct medical screenings at pharmacies, shopping centers and other public places.

As a result, “people are frequently targeted with marketing communications based on information obtained outside of HIPAA protections,” says Deven McGraw, director of the Center for Democracy & Technology’s health privacy project.

Also not covered: over-the-counter drugs (use your frequent shopper’s card to buy Preparation H at the drugstore or supermarket and others may ultimately find out).

As a result of all these loopholes, according to the World Privacy Forum, even if you try to keep certain procedures or diagnoses private, it’s almost impossible to do.

Electronic recordkeeping has made patients’ medical information much more accessible, too. “For many years, medical information was trapped in Manila folders” and inaccessible to fraudsters, says Lauren Fifield, government affairs and policy advisor to Practice Fusion, a San Francisco-based firm providing electronic health networks and records to doctors and patients.

With electronic records, she adds, patients “need to take personal responsibility for their information” to make sure it is protected.

8 Tips to Protect Your Medical Privacy

Here are eight tips on how to begin that process:

1. Aak your doctor and other medical practitioners about how they share your medical information and with whom. “Some providers are more sensitive than others, so find one you can trust,” says McGraw.

2. Read your privacy rights. Closely examine the forms you fill out in medical offices. Some provisions vary from doctor to doctor.

3. Don’t readily give out your Social Security number if your doctor’s office asks for it.“Ask why they need it,” says Levin. “If they have your insurance information, they shouldn’t need your Social Security number too.”

Of course, if you’re on Medicare, your SSN is your billing ID number (plus a single letter that follows). In that case, take a precautionary step to reduce the chance of identity theft by making a copy of the card to carry with you and then blacking out your Social Security number in case your wallet is ever stolen.

4. Read your insurance bills carefully, even if no money is due. To make sure no one has stolen your identity, be certain you weren’t charged for office visits you didn’t make or procedures you never received. If you spot any inaccuracies, report them to your insurer immediately.

5. Review your credit report annually. Many medical ID theft victims have discovered they were scammed after spotting a collection notice from a hospital or medical lab in their credit report. If that happens to you, contact the credit bureau immediately to report the identity theft and contest the notice with the collection agency. (You can get a free credit report once a year at Annualcreditreport.com.)

6. Think twice about installing health and fitness apps on your smartphone. None of the data these apps collect are covered by HIPAA. Before signing up, read the fine print of each app’s privacy policy. (For more details, read my previous story, “Sneaky Ways Wellness Apps Invade Your Privacy.”

7. Be discreet browsing the Internet. Some search engines, such as Google, track your searches, often to sell to third-party advertising sites. So if you’re browsing something medically sensitive that you don’t want tracked, consider using search engines that refrain from that common practice. Washington, D.C. privacy consultant Robert Gellman likes Startpage.com and Duckduckgo.com.

8. Be cautious about providing personal medical information for surveys and screenings and to health sites and pharmaceutical companies. Ask how the information will be used and who who’ll have access to it. If you don’t like what you hear, just say “no.”

Caroline Mayer is a consumer reporter who spent 25 years working for The Washington Post. Follow her on Twitter @consumermayer.

Source: Forbes

You Might Also Like

Updates

Shopping Deals

 
 
 

<a href="/latest_stories/all/all/31" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

 

Comments

blog comments powered by Disqus

Latest stories

Nike is Not Shutting Down FuelBand, But Facing Downslide in Wearable Devices
Nike is Not Shutting Down FuelBand, But Facing Downslide in Wearable Devices
Nike has not stopped its FuelBand production. However, it seems to be facing a downslide in the department of wearable devices.
 
 
Peaches Geldof to be Laid to Rest on Easter Monday
Peaches Geldof to be Laid to Rest on Easter Monday
Peaches Geldof is to be laid to rest soon after her sudden death due to unknown causes. Some say that after being incinerated, her remains will be spread in the soil surrounding her family residence. On the other hand Peaches Geldof may be buried.
 
 
Padma Lakshmi Shows Bad Taste in Fashion
Padma Lakshmi Shows Bad Taste in Fashion
The otherwise slim and smart Padma Lakshmi showed bad taste in fashion with her latest ensemble. The midriff baring look simply did not make her appear as presentable as she ought to have been.
 
 
Idris Elba Welcomes Son Winston Elba
Idris Elba Becomes Dad Again
British actor Idris Elba has become a dad again. Elba’s girlfriend Naiyana Garth gave birth to a baby boy, named Winston Elba, on Thursday.
 
 
 

The Hottest Photos of Victoria's Secret Fashion Show 2013

 

Viral Stories the Web