Last week I talked about the growing menace of medical identity theft. The FBI estimates that 1.42 million Americans were victims of medical identity theft in 2010. A 2011 study on patient data privacy and security by the Ponemon Institute estimates the annual economic impact of medical identity theft to be $30.9 billion.
The Federal Trade Commission wants to help. While it says there probably is no way you can guarantee you won't become a victim, there are some things you can do to minimize your exposure.
The FTC calls it "An Ounce of Prevention."
Verify a source before sharing information.
Don't give out personal or medical information on the phone or through the mail unless you've initiated the contact and you're sure you know who you're dealing with. Be wary of offers of "free" health services or products from providers who require you to give them your health plan ID number. Medical identity thieves may pose as employees of insurance companies, doctors' offices, clinics, pharmacies, and even government agencies to get people to reveal their personal information. Then, they use it to commit fraud, like submitting false claims for Medicare reimbursement.
Safeguard your medical and health insurance information. If you keep copies of your medical or health insurance records, make sure they're secure, whether they're on paper in a desk drawer or in a file online. If you are asked to share sensitive personal information like your Social Security number, insurance account information or any details of your health or medical conditions on the Internet, ask why it's needed, how it will be kept safe, and whether it will be shared. Look for website privacy policies and read them: They should specify how site operators maintain the accuracy of the personal information they collect, as well as how they secure it, who has access to it, how they will use the information you provide, and whether they will share it with third parties. If you decide to share your information online, look for indicators that the site is secure, like a lock icon on the browser's status bar or a URL that begins "https:" (the "s" is for secure). Remember that email is not secure.
Treat your trash carefully. To thwart a medical identity thief who may pick through your trash or recycling bins to capture your personal and medical information, shred your health insurance forms and prescription and physician statements. It's also a good idea to destroy the labels on your prescription bottles and packages before you throw them out.
This last piece of advice hit home, it was not something I have considered. When I get a prescription renewed I simply discard the old empty bottle in the trash and the label contains a lot about the medicine and about me. Do you? I won't in the future.
If you want to see the complete FTC release on medical identity theft log onto: