How to Secure Your Protected Health Information?

According to a cybersecurity company, Protenus, there were 477 healthcare information breaches reported to the United States Department of Health and Human Services in 2017. It appears to be the attempts to steal someone’s protected health information were carried out at least once a day. Truth be told, the number of such breaches did not increase so dramatically compared to numbers in 2016. However, there was a drastic decrease in the amount of affected patient records and Protenus predicted in their report it should decrease even more in 2018. It is said the number of stolen healthcare information is smaller because health institutions that store protected health information are taking more and more measures to keep it safe. Nonetheless, it is essential to understand your data security will always be at risk if you do not take precautions yourself. The loss of health information might be bad news for everyone as it could cause problems for patients and result in precious healthcare money being wasted. Therefore, in this blog post, we will talk about what each of us individually can do to ensure our health information does not fall into the wrong hands.

To some of you, it might seem strange someone could find your healthcare information useful, but the truth is depending on the stolen data the criminals might take one’s identity, seek to get treatments or prescriptions instead of the person, and so on. Not to mention, along with your protected health information there could be other sensitive data cybercriminals might be interested in. Since healthcare information breaches seem to be only increasing, hospitals, insurance companies, and other institutions storing it are looking for effective ways to keep it protected because each incident might make their clients lose trust in them or ruin the reputation altogether. Given a massive amount of attacks are performed by insiders (or to be more precise the institution's personnel), it is only natural a lot of attention goes to monitoring accesses to patient records. Additionally, security specialists recommend educating the staff, encrypting sensitive information when it is stored on removable media devices, securing wireless networks, and so on.

Health Care Institutions Have a Duty to Secure Information As Well

Unfortunately, as we said earlier, even if the health institutions storing your protected health information put a lot of effort in keeping it safe, your data security could be still compromised if you do not take necessary precautions yourself. For example, there are a lot of scammers who may pretend to represent your hospital, insurance company, or other health institution and it is up to you not to reveal any healthcare information to them. Generally, it is advisable not to borrow or share insurance identification to anyone offering medical services. Also, posting online something about your health condition might seem innocent, but specialists recommend doing it with caution, so you would not reveal any sensitive information that could appear to be useful to cybercriminals. For more information on how to protect your healthcare information online, you should continue reading here.

Furthermore, patients are encouraged to keep track of their medical records, because in case they get fabricated, and someone attempts to, for example, bill the insurance company without your knowledge, there would be proof it was illegal. It might look obvious, but some may not realize it is not enough to keep such records, they must be kept safely so no one could access and misuse them. For instance, users may protect healthcare information they store on their devices with passwords. Documents containing sensitive data could be placed in password-protected folders or archives. In which case, we would also recommend making sure the password keeping your protected health information is strong enough. Usually, security specialists advise creating long random passwords from letters, numbers, and even symbols. The reason why memorable passwords that have any meaning to you like passwords from one’s name and birthdate are not good enough is hackers could guess them if they have information about you.

How is Your Health Information Used or Shared?

Another smart thing to do would be finding out how your healthcare information will be used, shared, and what measures will be taken to protect it before providing it. Of course, if you are asked to provide it online, you should read the service provider’s Privacy Policy and End User License Agreement documents. Verifying the site is legitimate and trustworthy would be advisable as well. Next, security specialists recommend being extra cautious when you are asked to provide sensitive information after clicking on links received via Spam emails because they could be fictitious. Same goes for situations when the user might be asked to reveal his protected health information over the phone, email, etc. If you feel something could be wrong, it is best to do some research first. Also, those who believe they might be possible victims of fraud are encouraged to report it to their health insurer or provider.

At this point, some of you might be wondering how one is supposed to realize his healthcare information has been stolen. There could be various signs the victims of fraud might notice after some time, such as a bill for medical services the patient did not get, notices from debt collectors about unpaid medical bills you have never seen, payments for medical services you did not use on your credit card report, denied insurance because your medical records list illnesses or conditions you do not have, and so on. In order to avoid getting into such situations and unknowingly helping scammers to misappropriate healthcare money every one of us should start with ourselves and do all that is in our power not to reveal sensitive information to anyone who could use it for malicious purposes and, also, report scammers as soon as possible.

July 20, 2018

Leave a Reply