One of the favorite strategies of cyber criminals is identity theft. One of the chief vulnerabilities is your healthcare records, which can contain a great deal of personal information. A criminal can use it to open false financial accounts, obtain drugs or medical service, and ruin your good name and credit.

Multiple Risks

The risk is not just from random hackers, but people who specialize in medical fraud. This can consist of phony “clinics” that make fraudulent Medicare or Medicaid claims, then cash the government checks and disappear.

Even medical professionals fall prey to the temptation by adding false charges for patients they’ve never seen, or help themselves to “prescriptions” in your name that your insurer pays for. Healthcare employees can copy your information and sell it to identity thieves.


In 1996, the federal government passed the Health Insurance Portability and Accountability Act to protect patient information. Healthcare providers along with related companies like insurers are required to have safeguards in place, such as encryption, restricted access, and transparency into how your information is used.

You also have the right to review your own medical history. To reinforce patient privacy, providers that fail to comply with evolving regulations face fines of up to $50,000 for each violation.

Staying Compliant

Nearly every medical establishment today is using some form of EMR (electronic medical records) system. Many are cloud-based and support sharing of medical records to wherever they are needed. Every facility has to require of their partners that they conform to HIPAA requirements.

This suggests a growing need for digital training of provider staff. Today we find health information management degree programs to produce specialists with lots of knowledge about the digital element of healthcare. Someone specializing in this field can help to reduce the risk of identity theft.

The Honor System

Even with HIPAA regulations and new training, many patients feel they are left trusting the medical establishment to protect their data. Even with the best intentions in place, however, accidents happen. Hospital computers and networks are favorite targets for malicious software such as spyware and viruses, along with scam emails.

Home workers such as medical billing specialists can also be compromised or make poor judgement calls that expose your information.

To reduce the risk of identity theft, it’s important that you take advantage of your right to check your medical history. Go over every billing statement. Healthcare facilities are required to report data breaches, but with the risks involved you can’t afford to rely on them 100 percent.