Your medical records and personal payment data are worth a lot of money on the “dark web.” In fact, medical information sold on the anonymous regions of the Internet is four times more valuable than a Social Security number. When criminals get their hands on your medical records or billing information, they have everything — […]
Get Instant Access to This Article
Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.
- Critical Central New York business news and analysis updated daily.
- Immediate access to all subscriber-only content on our website.
- Get a year's worth of the Print Edition of The Central New York Business Journal.
- Special Feature Publications such as the Book of Lists and Revitalize Greater Binghamton, Mohawk Valley, and Syracuse Magazines
Click here to purchase a paywall bypass link for this article.
Your medical records and personal payment data are worth a lot of money on the “dark web.”
In fact, medical information sold on the anonymous regions of the Internet is four times more valuable than a Social Security number.
When criminals get their hands on your medical records or billing information, they have everything — your address, your birthdate, your home phone number, and probably your Social Security number, too. That’s why crooks put a higher value on medical records than simple financial records.
They can use that information for more than stealing your identity. They can create fake identities that could allow them to buy and resell medical equipment or drugs. They can also combine a patient number with a false provider number and file fake claims with insurers. They can even use them to file fake tax returns.
But there are steps patients can take to protect their medical records and billing information.
In one recent study, 89 percent of health-care providers surveyed admitted at least one data security breach in the previous 24 months.
Here are a few tips on what patients can do to guard their health-care information.
Only give out data that is absolutely necessary. When asked on an application to provide a Social Security number, ask “why?” It may not really be needed. It’s always safest not to store financial account information online for bill paying. But if you do, credit cards offer better protections than most debit cards or bank-account numbers if compromised.
Watch for suspicious mail. If the hacked company has your address, expect bogus pitches to arrive in your mailbox from people who want to “solve” your identity theft problem for you. Be suspicious of notification emails, especially those containing links or attachments (they may contain computer-infecting malware).
Use fraud alerts. If your Social Security number was taken in a breach, the risk of ID theft is five times greater than for the average consumer. Place a fraud alert or security freeze on the credit report at the three big credit-reporting bureaus.
Say yes to added security. If the breached organization offers free monitoring service, take advantage of this extra layer of security. Only 20 percent of breach victims do so.
Monitor your accounts. This includes Social Security earnings records. Ask bank or credit-card issuers to set up free email alerts for notification about activity on accounts, especially including change-of-address requests.
Change your passwords frequently Also order, for free, a credit report once every four months — once a year from each agency — at annualcreditreport.com.
Choose the most secure payment option. Ask if your provider has a secure, online payment option rather than handing your credit card over to the billing department. Many health systems use big-data screening and analytics to flag possible security breaches before data is stolen.
Health-care providers are struggling to keep up with these increasing security attacks and need to partner with health-care payment vendors who prioritize security and data safety at every transaction. Patients need to be as vigilant as possible.