The Centers for Disease Control and Prevention note that more than 1.2 billion visits were made in 2012 to doctors' offices, emergency clinics and hospital outpatient services. That's a lot of opportunities for your personal information to get taken and used in fraudulent ways. Know what information your doctor's office really needs and how to protect yourself from potential abuse.
What Information is Protected
The Health Insurance Portability and Accountability Act (HIPAA) was put into place in 1996. It sets guidelines for how your health information is managed and kept private. According to Health IT, the information provided in this federal act includes:
- any information regarding your physical or mental health in the past, present or future
- any information about health care you have or are currently receiving
- any information related to payments you have made or are making for health care services received
- any information that can be used to identify you
Nearly all health care providers, insurance companies and governmental agencies must abide by this information security mandate. Yet in spite of these controls, an Identity Theft Resource Center survey shows that 43 percent of the identity thefts in 2013 were the result of fraudulent use of information found in medical files.
Another Threat to Your Information
While HIPAA was enacted before widespread use of electronic health records, or EHR, in January 2014, EHR was made mandatory for individuals and facilities receiving Medicare and Medicaid payments, states USF Health. This means your personal information stored in paper charts will now become more available digitally. This could put your information at a higher risk with thousands of others, much like the theft of credit card information from large retail stores.
Keeping Yourself Safe
Be mindful of the information you're being asked for by your doctor's office. Sometimes it's out of habit and they really don't need it. Your social security number is the most important thing to protect and doctor's offices really don't need that, as Forbes cautions. You are identified by various other pieces of information, such as a patient number.
Brands like Lifelock.com, that offer identity theft protection services, can help you understand what information is most susceptible to identity thieves. You should keep this information just as safe as your social security number. Other pieces of information that you may be asked for by your doctor, that are rarely required, include:
- Driver's license number - This can be used by identity thieves to uncover a lot of other personal information.
- Place of birth - You're usually asked for your date of birth but place of birth is not something they need. That can be used to trace other information directly back to you by thieves.
- Employer information - Someone can use this information to go to your employer and uncover even more data about you.
- Credit card information - Ask if this information is kept by the doctor's office or just used then discarded. Pay by cash if you can. PayPal or other digital currency is also safer than credit cards or checks.
Most healthcare providers require your insurance information so they can file claims for you. This is not just for your convenience, but to make sure the provider gets paid. Unfortunately, this information is what often gets stolen and used by other people to get health care and prescriptions, on your dime. If you can pay for your visits and file the insurance claims yourself, you can keep your insurance information out of the doctor's file.