There are few topics hotter than the protection of data on the Internet these days. And nothing is more sensitive than health data for patients. Why? Because an electronic health record (EHR) contains the most vital information about a person including their:
In previous years, the most frequently stolen documents online were credit card and debit card information, but hackers and cyber criminals found that Internet security was a constant threat to those scams being successful. When people would find their credit card or debit card information had been stolen, they could quickly call their bank or financial institution, which in turn would lock down those cards, rendering them useless to thieves or anyone else attempting to use them.
Over time, some banks and credit card companies have begun to use predictive analysis software to temporarily suspend accounts if it even looks like suspicious activity is going on. In that rationale, thieves could not even get away with a single fraudulent charge before the card is shut down.
Why Health Records?
Health records contain almost all of the same information as bank and credit cards with the added bonus: It’s hard for an individual to realize their information has been stolen. That’s because the average person isn’t using their EHR to do anything, they are largely used by doctor’s offices and insurance companies to verify information and bill for medical services. But a hacker with access to them is using them for other purposes - buying medical prescriptions, creating illegal documents like driver's licenses, or even trying to register for credit cards or personal loans. If it works, great; if not, no sweat off the criminal’s back.
About the only way for the consumer to catch wind of this is if they regularly check their credit and notice a sharp decline in score from failed attempts to get a loan.
How to Protect Yourself
When you trust your EHR to a doctor’s office or your insurance company, it is well within your rights to request information on how those entities are protecting your information. In most modern countries, the hosting company must follow modern protocol on how this information is protected so it is not compromised. In the EU this is called the General Data Protection Regulation (GDPR) and in the US it falls under the 2010 Affordable Healthcare Act. Violators of these acts are harshly punished.
The average citizen can further protect themselves with regular checks of their credit scores and by protecting themselves by signing up for regular credit monitoring services. In this capacity, they get alerts whenever something affects their credit score negatively. Doing this allows you to see immediately if something suspicious is on your credit score and fix it just as quickly.
If you are in regular contact with your insurance company or doctor, make sure you have a strong antivirus software like Malwarebytes to keep your documents safe. Also, consider using a VPN when you send or receive sensitive information about your healthcare records.