From standard identity theft to using your information to provide their own free healthcare programs, hackers can do a whole lot more with stolen healthcare records than they can with stolen banking information these days. One of the major reasons why hackers are so successful with healthcare records is that it is much harder to detect and shut down suspicious activity regarding your healthcare records than it is to identify and stop hackers who enter your bank account. This new trend in hacking presents an additional set of cybersecurity risks for patients. Although you may feel somewhat helpless when it comes to controlling how your medical records are viewed, shared, and used, there are some steps you can take to better protect yourself against potential healthcare hackers. Here are five tips for securing your healthcare records against online thieves.
1. Follow basic password security practices
Although the basic practices for online security have been drilled into every Internet user’s head a million and one times, many Americans still neglect standard safety precautions in their daily interactions with tech. According to a survey of Internet users in the U.S., 59% of millennials said they stored their passwords in their browsers, despite cyber security experts’ constant reminders to save passwords in a more secure storage space. In the same survey a dismal 18% of participants said they stay up to date on antivirus software updates, and 50% said they connect to public WiFi on at least a weekly basis. The moral of the story? We have to establish better online behaviors if we want to keep hackers out of our private information. One of the most basic ways you can protect your online medical records is to use a strong and different password for each of your accounts. You should also avoid storing your passwords in your browser and instead opt for a secure password manager if you have trouble remembering each of your passwords. You should also update your antivirus software as soon as possible when you receive update notifications to protect your devices from malware attacks. If you must log on to a public WiFi network while you’re out and about, it’s also important that you know and understand the dos and don’ts of using public WiFi.
2. Give your provider a different email address
Chances are you have more than one email address in your name. If you typically use one of these email addresses to access your bank accounts, social media profiles, etc., avoid giving this same email address to your healthcare providers. Instead, use an email address that you rarely link to other services. This will help you take some of the value away from your healthcare records should they be acquired by hackers. Another way to make your information less useful to hackers is to enable two-factor authentication on all of the personal accounts that you can. For example, enabling two-factor authentication on your gmail accounts will make it so that each time an attempt is made to access your account from a new device, another form of verification will be required to get in such as a text message or a phone call with a unique pin.
3. Avoid giving your provider too much information
We’ve all been told that we should share everything with our medical providers in order to receive the best healthcare possible. While this is usually the case when it comes to information regarding irregularities with your body, it doesn’t hold true for personal identification information. When it comes to things like your tax information or your social security number, you don’t need to share everything with your provider. Although you might need to share some of the standard information like your home address and payment information to be treated, additional identification materials are rarely necessary. NBC news reports state that even sharing the last four digits of your social security number could pose a potential threat to your privacy. When you see fields on patient forms that leave you feeling a bit uncomfortable about the information your provider is requesting, don’t be afraid to ask questions. Why is the information necessary? Are there fields you could skip over?
4. Use pin codes on IRS returns
Victims of identity theft often find out their information has been compromised at the end of the year when they file their income taxes. To protect your tax information from being compromised, you can use an identity protection PIN. This is a six-digit number that the IRS can assign to taxpayers in order to help them prevent misuse of their social security numbers on fraudulent tax returns. Unfortunately, not everyone is eligible to receive a PIN. If you filed your taxes in Florida or the District of Columbia last year, you are eligible. You are also eligible if you’ve ever been a victim of tax fraud or if you have received an invite from the IRS. If you’re eligible, you can start the process of obtaining an identity protection PIN with the IRS.
5. Ask how and with whom your records will be shared
Be sure to ask your healthcare provider where and with whom your medical records could potentially be shared. Express your concerns surrounding recent healthcare hacks and gauge your provider’s concern surrounding the issue. Maybe even ask what steps their office or larger firm is currently taking to secure your information against hackers. Look for queues cues that your provider is taking the necessary steps to protect patient information. If you’re concerned that your doctor’s standards may be too lax, the best advice may be to change doctors. As with all cybersecurity efforts, protecting yourself against healthcare hackers completely is impossible. However, implementing smart online and offline security practices can help you significantly reduce your likelihood of being hacked as well as decrease the potential impact you’d face if you were hacked.