When last week’s security breach was announced by Anthem, the second largest health insurance company in the U.S. (a subsidiary of Blue Cross and Blue Shield), security officials warned that healthcare organizations will continue to be targeted in the future.
Medical identity theft is a hot commodity for one reason alone – cash. While Anthem’s breach did not include medical records or claims information, the names, birthdates and Social Security numbers taken are still worth a premium on the black market. With that data, thieves can use the information to get prescription drugs, order tests or see a physician, driving up medical bills and altering an innocent person’s medical record. The New York Times reports a stolen credit card is worth about 33 cents in the underground world; it’s low value attributed to, among other things, the fact that credit cards can be shut down quickly, giving the thief a small window of time to spend. A personal medical file can fetch $251, and has a much slower processing time lag, giving thieves maximum opportunity.
So how can healthcare organizations be trusted?
One of HealthCare.com’s goals from inception was to allow consumers to shop for health insurance plans anonymously. We do not require names or sensitive personal information in order to get a quote for coverage. If a customer wants to save a search or a particular healthcare plan, an email address is the only identifier required to set up an account. Individuals can come and go from the website and run hundreds of quotes for free. When they decide on the plan they wish to purchase, they can forward on to one of our insurance partners to enroll, or call a licensed agent to enroll over the phone. At HealthCare.com, the health insurance quotes and information provided are meant to make you a smart healthcare consumer – confidentially.
What can you do to protect your medical identity? Pay attention. The Federal Trade Commission advises consumers to read the Explanation of Benefits you receive in the mail. Is the doctor or facility one you have visited? Does the treatment explanation match medical care you have recently received? If not, contact your health insurance company. In addition, federal law allows you to get a copy of your medical records. Contact your doctor, clinic and pharmacist if you want to check your records. You can also ask your health insurance company and medical providers for an “account of disclosure” every 12 months. This will tell you what information the medical provider sent to a third-party, and who that individual or company is.2
Being a medical patient holds a certain amount of responsibility. It’s important to look for warning signs of fraud. But shopping for a health insurance plan shouldn’t be scary. You should always be in charge of who you give your information to, and make decisions based on your own personal choice.
1 “Data Breach at Anthem May Lead to Others.” The New York Times. Feb. 6, 2015.
2“Medical Identity Theft.” Federal Trade Commission. Aug. 2012.