Your doctor may not be keeping your personal info as secure as you think

Written by |

HIPAA, the Health Insurance Portability and Accountability Act of 1996, is a federal law that protects your personal medical information — meant to keep it private and secure.

However, recent breeches have been discovered related to HIPAA, compromising people’s security and their confidential medical information. 

HIPAA violations & privacy concerns

The federal Office of Civil Rights is in charge of regulation and oversight of HIPAA, but an analysis by investigative reporting nonprofit ProPublica revealed that there are many healthcare providers who have violated the law and their patients’ privacy repeatedly without consequence. 

Read more: The #1 way to prevent identity theft at medical offices

The top offender over the past four years has unfortunately been a part of the federal government – the Veterans Administration. There have been 220 complaints filed against the VA, including one incident where an employee posted a veteran’s confidential medical information on Facebook.

In addition, well-known pharmacy chains CVS Health, Walgreens and Rite Aid have had complaints, as well as Kaiser Permanente and Walmart. 

An official for the Office for Civil Rights told ProPublica that their focus has been larger breaches — where 500 or more people have been affected — instead of the smaller ones, where breaches are investigated but may not be punished. However, the department did remind CVS of its obligations to improve privacy protections under the law. 

How to keep your medical records secure

Although we might not feel like we have a lot of say these days in protecting our personal medical information, there are a few things you can do to be proactive regarding your health records.

1. Never give out your social security number

This is a top tip! Never give out your Social Security number. This is an open door for exposure of your information — especially at hospitals and medical offices.

2. Be aware

Research the health care providers and pharmacies you use and be sure they are not linked to the disclosure or sale of medical records. Also, avoid filling out any health screening questionnaires at malls and other public places that may gather and distribute your medical information.


Read more: The #1 way to prevent identity theft at medical offices

3. File a complaint 

If you believe your information has been compromised, you can file a complaint with your provider, health insurer or with the U.S. Department of Health and Human Services. Keep in mind, you must file a complaint within 180 days of the incident.

In addition, contact the person or entity responsible for the disclosure, ask them to retrieve the disclosed records, and request that whoever received them destroy the copies. 

Read more: Don’t give your Social Security number at these places!

4. Shred documents with sensitive information

Use a shredder for papers that contain financial or other personal, sensitive information before recycling. Clark has had many of his radio listeners suggest you should mix up your shredded financial papers with a dirty diaper if you have young kids. That will definitely deter an identity thief any day of the week!

5. Freeze your credit

Finally, freeze your credit if you’re really concerned about limiting any damage from possible identity theft — at medical offices or anywhere else!

  • Show Comments Hide Comments