healthcareImagine finding out from your doctor that you need to undergo treatment for a serious condition, but when you submit a request to your insurance company, you are denied. The reason? There have already been too many claims in your name over the past year. After doing some research you find that none of those claims have been made by you or your doctor. It looks like you have joined millions of other Americans as a victim of medical identity theft. As cyber attacks on the healthcare industry rise, so do the numbers of people whose identities have been misused by others to gain medical benefits. The dangers of this type of identity theft range from potential loss of money from billing disputes and denied coverage to life endangerment due to misdiagnosis or being issued the wrong medications. Recent information indicates that the healthcare industry is at high risk of cyber attacks — which means you are at risk as well. What can you do to protect yourself?

Healthcare ranks poorly when it comes to cyber security

According to email security company Agari’s 2014 State of Email Trust Report, the healthcare industry ranks lowest when it comes to email security — meaning its customers are at high risk for falling victim to cyber attacks through email. The Trust Report surveys companies from a wide range of industries and ranks them according to their “TrustScore,” which is determined by how well companies implement email security protocols. Healthcare ranked last with a TrustScore of just 17 — compared to the top-ranked score of 67 for social media. This means that an email from your insurance company is four times more likely to be fraudulent than an email from a social media company.

Protecting customers from malicious emails is just one way healthcare is dropping the ball, but of course, that’s only one problem area. Lax security across the board means that more data breaches like the massive Anthem breach, which exposed the information of up to 80 million people, could be on the horizon. A recent study by the Ponemon Institute indicates that millions of Americans have been victims of medical identity theft — and that number is bound to go up.

How can I protect my family and myself?

There are a few steps you can take to try and help keep yourself and your loved ones safe.

1. Request a copy of your healthcare provider’s privacy policy. It is important to know what your doctor, hospital and insurance company are doing to keep your information secure. Knowing how your data is stored and secured, as well as what the healthcare provider’s plan for disposing information down the road can help you make better informed choices about who to trust. If you aren’t confident in your healthcare provider’s ability to protect you and your information, how can you count on them to take care of your health? Providers should be transparent about these issues and provide you with copies of their privacy policies when requested. Don’t be afraid to ask questions if you aren’t able to find out what you want to know from reading the policy.

2. Don’t give up your social security number easily. Most doctor’s offices ask for your social when you fill out forms, but it’s not usually necessary for you to give it out. This number is an easy method of identification, true, but putting your number on a piece of paper means it is now out there and you don’t have control over what happens to it. That piece of paper might be destroyed properly, but it could also wind up in an unlocked filing cabinet or a trash bin. If you are questioned about your choice, explain that you are concerned about identity theft and ask if another means of identification will be satisfactory. Most offices, however, won’t even raise the question.

3. Remember that children can be victims, too. Many people don’t realize that children are at risk for identity theft just as much as adults. What’s worse, because child identity theft is harder to detect than it is for adults, the consequences can be even more damaging. A child whose medical identity is stolen and used early in life may reach adulthood and be faced with sky-high insurance premiums — all because someone else took advantage of their information when they were still minors. Healthcare breaches, unlike those in the retail sector, expose the information of adults and children alike. That’s why parents should take steps to secure and protect your child’s identity as soon as possible.

4. Be on the lookout for suspicious emails and phone calls. Because the healthcare industry ranks so poorly in email security, you should be wary when it comes to emails that are purportedly from your insurance company or other medical providers. Don’t click on links in emails if you can help it — if you receive an email that says there is an alert on your account, close the email and visit the provider’s website directly to log in and check it out. Likewise, be suspicious when it comes to phone calls claiming to be from your doctor or insurance company. If anyone calls to ask for your personal information, don’t be hesitant to question why they need that information or hang up and call back using a phone number found on a billing statement, business card or the provider’s website.

5. Sign up for identity theft protection. Although it can’t outright prevent identity theft — nothing can — a reputable identity theft protection service will help keep you alert and ready if your information is stolen or misused. The top services provide monitoring of your personal information, including your social security number, on various Internet black market channels, public records and more. Most also provide credit reports and scores, so you can keep an eye on what’s happening with your credit report. TrustedID goes one step further and helps you request medical records from your healthcare providers, so you can ensure no one has been receiving benefits in your name. TrustedID is also a great service for families, because it provides coverage with its family plan for all people living in the same household for just $18/month. Read our comprehensive reviews to learn more about TrustedID and other identity theft protection services.

Holding your healthcare providers accountable, as well as doing your part to be vigilant and protect your information, is the key to surviving in a world where it seems like there’s a new threat around every corner. Learn more about protecting your identity by following our identity theft protection blog.