Increasingly the sobering truth is that privacy exists only in the analogue world and this is coming more true for medical records. Recent hacks and leaks into the DNC, Pentagon and raids against the major retail giants have shown that no monolithic corporate body is safe. Once data is put into digital electronic form it can penetrated or stolen. Health care is proving to be no exception.
For hackers, there are huge payoffs. Individual health histories contain valuable patient information. Recently, Community Health System in Franklin Tennessee got hit hard in 2015. Chinese hackers broke into multi-hospital security systems and stole personal data on about 5 million patients.
More recent attacks on Blue Cross & Blue Shield of western NY were also quite extensive. Excellus even waited over a year to inform it’s subscribers of the damage done. They waited as the issues were sorted out and damage was identified.
Today laptops are more common in the exam room than the stethoscope. As a result, patients have to understand the privacy policies and procedures and be aware when their personal records may be shared.
This is particularly true since certain parties are exempted from Hippa requirements. This means information can be shared without an individual’s consent. Information such as treatment payment or reviewing health care options.
Medical offices are suppose to share only pertinent information regarding a patient’s case. The truth is they typically send the entire file as it’s easier than isolating the required part of the history.
Additionally, one of the added headaches is that incorrect information in the patient record can lead an insurer to change your higher premium for disability, life or long term care insurance.
Fortunately, there are some simple things to do to safeguard yourself:
1.) Don’t answer irrelevant questions when filling out the case history forms at your doctor’s office. If you’re having your toe nails cut at the podiatrist office, your provider doesn’t need to know whether your parents are alive or whether you have ever been treated for substance abuse. If it’s that critical your provider will raise the issue.
2) Don’t engage in online surveys. If you visit chat rooms and forums, don’t identify yourself. You don’t know with whom these sites will share your information.
3) Be careful when participating in free or low cost screenings. Things like blood pressure and cholesterol offers. Sometimes they will bury you with offers from pharmaceutical companies and drug store chains.
4) When paying your routine co-pay try and use cash or check to the doctor. Maybe your provider has to follow Hippa regulations, but financial institutions can share that data with their insurance affiliates.
You can avoid having your medical records extracted to limit costs and benefits or used for targeted advertising by big business by keeping your information secure.
It’s almost naive to think a person’s medical record belongs to them in today’s digital world. However, the above precautions will help. Be smart about what information you share and don’t be afraid to ask about your provider’s privacy policies.