Credit Cards Center Credit cards from our partners

Medical Data Breaches: Why Your Doctor Might Need a Check Up

blog-Medical-data-breachesThink about the last time you went to the doctor’s office. Did you fill out a form with your Social Security number (SSN)? Were you prescribed any medicine? Did you disclose past allergic reactions?



Now think about what an identity thief could do with that kind of information. There’s a myriad of options, which is one of the reasons why medical identity theft impacted almost half (43%) of all identity theft victims in 2013. To get your information, an identity thief might hack your doctor’s digital filing system, find records leaked on file-sharing sites by an employee, or simply steal your doctor’s laptop. No matter how the data breach occurs, you’re left cleaning up a potentially life threatening mess. Here are just three potential scenarios.



Scenario #1: Using your identity for treatment
With your insurance and medical history in hand, an ailing thief could use your identity to visit a doctor’s office, receive treatment and bill it to your insurance company. You’re not only stuck with a fraudulent insurance bill, but now, that thief’s activity is on your medical history which could impact how your doctor treats your future medical problems. Altered allergy records, procedure history and hereditary information could put you at risk for getting the wrong treatment.



Scenario #2: Putting together a complete identity profile
Often times, identity thieves have to pull bits of information about a victim from different places— an SSN here, a home address there. But if identity thieves get a hold of your medical files, they have your entire identity profile: name, address, birth date, SSN, and maybe even a credit card number. With a full profile, an identity thief could open new accounts, take out a loan or commit crimes in your name.



Scenario #3: Selling your information to other crooks
Not all identity thieves are in need of a new name. Some of them are in it to sell your personal information to others in need of a new name — immigrants, terrorists, people with criminal records, and crooks after your money. After stealing your personal information from a doctor’s office, an identity thief could sell your information, piece by piece, on black market websites. (Read more about a recent crackdown on a large black market website here.)



There’s a long list of crimes identity thieves can commit with your information, and almost half of them could be prevented by better security at medical offices. Ask your health care provider what security measures they have put in place, urge them to do more and spread the word. The California Department of Justice put together this helpful report that details how health care providers, payers and information organizations can help prevent the crime.



Have you known anyone who’s been a victim of identity theft? Tell us your story in the comments below.

About Kelsey Havens

Kelsey Havens is a writer, financial health enthusiast, consumer protection advocate and Content Manager at myFICO. Connect with her on Google Plus: +KelseyHavens


  1. Patricia K Correia says:

    Usually it’s due to carelessness. A couple years ago a lot of Tri-Care records were stolen because someone took them home, his car broke down, he left the records in the car.

  2. When this is information is leaked by financial institutions, they are legally required to provide adequate credit monitoring. Do doctors offices also have this obligation?

  3. As a past clerical worker at a doctor’s office I always wished we had electronic patient files. Now I see how that can become a huge issue if that data is compromised.

Disclaimer: This content is not provided or commissioned by a credit card issuer. Opinions expressed here are the author's alone, not those of a credit card issuer, and have not been reviewed, approved or otherwise endorsed by a credit card issuer. This site may be compensated by credit card issuers mentioned on the site by such companies.