Unfortunately, physicians are not immune to the growing threat of identity theft and data breaches. Check out our guide to keeping your personal information secure.
When David S. Katz received the ominous notice that his Social Security number may have been “compromised” in a data security breach involving nearly a half million patients and their physicians, it made him re-think his own efforts to protect himself from identity theft.
“Most physicians don’t consider it to be that much of a problem until someone close to them gets affected by it,” says Katz, a Milford, Conn., surgeon.
Katz, who is president-elect of the Connecticut State Medical Society, says he didn’t experience problems after the breach, but the society pushed for better security measures from Health Net, the insurer responsible for the missing medical and financial information.
Health Net officials, for their part, offered two years of free credit monitoring services to those affected, but so far no reports of misuse have been filed, according to a spokeswoman for the Woodland Hills, Calif., company.
Meanwhile Katz urged colleagues to upgrade even the shredders they use at home and to be careful with how they dispose of old home copiers, because they typically have memory devices that are difficult to erase.
As careful as he is, however, Katz and physicians like him are still at significant risk when it comes to identity theft. At the same time, they are facing new federal requirements to safeguard patient data. The upshot? Don’t forget about your own identity protection while you worry about that of your patients.
Jay Foley, cofounder of the nonprofit Identity Theft Resource Center (www.idtheftcenter.org), offered these tips for keeping physicians’ personal financial lives safe from thieves out to pilfer medical and other identifying information:
Also consider hiring a credit monitoring service, which can alert you quickly if financial data gets into the wrong hands. Keystroke protection software is also gaining in popularity, which encrypts personal data as it is typed into a site, says Paige Schaffer, vice president and chief service officer for Europ Assistance USA, an identity theft protection firm. Inexpensive software is available that can be installed on a personal computer and when the user goes online to purchase something or input personal data, the keystrokes are automatically encrypted.
“The key thing to keep in mind about blending medical information you might have with your own personal data is to not have active Internet service while working with sensitive data,” Schaffer says. “Avoid logging onto the Internet while conducting any work-related business. And if you’re bringing patient files home (paper or electronic), make sure you have a system for locking up those files and know who has the keys.”
Here are a few more tips on prevention from Europ Assistance USA:
1. Never give your personal information by phone, Internet, or e-mail unless you initiated the request.
2. Destroy digital data when you sell, trade, or dispose of a computer, hard drive, recordable CD, or DVD.
3. Use the highest level privacy settings on social media sites.
4. Windows by default hides file extensions (e.g. .exe or .jpg). Unhide the extensions to avoid unknowingly downloading malicious software.
5. Mail bill payments and checks from the post office, not your home where they can be stolen from your mailbox.
6. Use encryption when on wireless networks.
7. Request annually from your health insurance company a list of benefits provided and review for any fraudulent activity.
8. Monitor expiration dates on your credit cards and contact the issuer if you don’t receive a replacement prior to the expiration date.
9. Ensure that your passwords are complex and include upper and lower case letters, numbers and special characters.
10. Ask about information security procedures in your workplace or at businesses, doctors’ offices or other institutions that collect your personal information.
Janet Kidd Stewart is a freelance writer based in Marshfield, Wis. As a contributing columnist for the Chicago Tribune, she writes a weekly, syndicated retirement column called “The Journey” that appears in Tribune newspapers across the United States. She holds a bachelor’s degree and master’s degree from the Medill School of Journalism at Northwestern University. She can be reached via email@example.com.
This article originally appeared in the July/August 2010 issue of Physicians Practice.