HIPPA secures your data that is held by a provider or health insurance firm. However, HIPAA rules do not apply if your information is shared with an organization or person not covered by HIPAA. For example, if you post your health condition information on a message board, social media, open email – it is not protected.
NEVER post anything online that you do not want made public. With the plethora of social media sites and constantly changing security setting updates, vigilance and caution is the key prevention.
Medical Identity Thieves
If you have your health information stored on a computer, make sure you keep your data secure with a strong password with at least 12 characters minimum made up of numbers, symbols, capital letters, and lower-case letters. If you opt for a password manager application, be sure to fully vet it for the most robust encryption.
What medical identity thieves do is try to obtain drugs, medical treatment, or even surgery by attempting to use your information.
In fact, one breach can wreak havoc with stolen identities from hundreds of people.
You can protect from this possibility by verifying any source you decide to share data with and shred any healthcare forms. However, if you think that your information was compromised in any way, you can file a complaint with the Federal Trade Commission.
Social Security Number (SSN)
It may sound a bit far-fetched, but the Identity Theft Resource Center says that almost 50% of identity theft originates in the healthcare sector in medical offices, hospitals, insurance carriers, diabetes supply distributors, etc.
The route to your information often comes from your social security number. Be very cautious when banking, financial institutions, nonprofits and many other companies request it. They usually do it because if you do not pay, it is easier to turn your account over to a collection agency.
Beware of Phishing
It might sound like a no-brainer, but never post your SSN anywhere on a social site or send it in an email. If the number is needed for 1099 purposes, for example, when an accountant might ask for it, you are better off calling and giving the number to the accountant by telephone.
Also, beware of phishing. This occurs if you receive an email from someone saying they are the Social Security Administration. The subject line says something like “get protected” with an urgent call to action. The email goes on to say the government is trying to protect your personal information and if you only click this link, you will be protected. Of course, if you do, a virus is downloaded onto your computer allowing thieves to collect your personal information.