Skip to Content
medical data

8 ways to protect yourself from a medical data breach

Living in a high-tech world where the minutia of our lives is digitized has a lot of consequences when it comes to our personal data. One of the most sensitive types of data is our medical information, which can range from insurance documents to personal data on medical care and conditions.

While the U.S. has enacted protections aimed at keeping patient data private, a recent study in the Journal of the American Medical Association gives us a sobering reminder that hacks can still happen.

The study identified reported data breaches involving 29.1 million patient records between 2010 and 2013.

Our medical data, just like our social networking or banking information, can be at risk, but there are steps we can take to protect ourselves, especially when it comes to the growing problem of medical identity theft.

Monitor your statements and records

Medical identity theft is a serious issue that happens when thieves steal your personal data and use it to see doctors, obtain prescriptions, or file claims. Keep an eye on your medical records and check your doctor and insurance statements for any unusual activity.

The Federal Trade Commission warns consumers to look out for bills for medical services you didn’t receive, calls from collectors about medical debt, or notices from your health plan about reaching your benefit limit. Carefully check statements and read through “explanation of benefits” mailings to make sure they match up with the time, place, and services you actually received.

To be even more proactive, you can request copies of your medical files or check your online records for accuracy. Contact your healthcare provider or insurance company if you suspect your identity may be compromised. You can also file an official police report or follow the instructions for reporting through the FTC’s website.

Skip the social security number

You doctor’s office might request your social security number, but you aren’t obligated to share it. If you come across a form that asks for your SSN, you should be able to just leave that spot blank. This gives you an extra layer of protection in case of medical identity theft.

Even the American Medical Association is against the use of social security numbers, saying, “Our AMA policy is to discourage the use of Social Security numbers to identify insureds, patients, and physicians, except in those situations where the use of these numbers is required by law and/or regulation.”

Medicare recipients were once required to use their SSNs, but a new initiative gives Medicare users cards that don’t display this sensitive information. The agency is currently in the process of issuing these new cards, so be on the lookout if you haven’t received yours yet.

Guard your card

Your insurance card should only be shared when absolutely necessary, like when you’re checking in at your doctor’s office. If your card is lost or stolen, then contact your insurance provider for a replacement and ask about getting a new ID number issued.

Think before you post online

A lot of people turn to online forums or social media when they have medical questions, but think carefully before posting information online. Don’t post anything you don’t want to become a part of the public record. Identity thieves may also check your social media posts in order to gather more information on you.

Scrutinize health apps

Health apps are all the rage, whether you’re tracking your workouts or self-monitoring a medical condition. Before you start sharing information with an app, take the time to read the terms and conditions and privacy policy to understand how your data may be used. What data does it collect? Will your information be shared with others? Is your data stored online? If you have doubts about how the app will protect your privacy, then you may want to pass on using it.

Use a strong password

It’s incredibly convenient to be able to access your medical records or insurance information online, but that means you need to be extra careful in crafting a password to protect your vital data when you set up your account. Check out our guidelines for building a strong password.

Beware of email and phone scams

Medical identity theft can start in much the same way as regular identity theft: with a scammer reaching out over email or through phone calls or text messages that try to trick you into giving out your personal information. Follow our tips for protecting yourself against identity theft and don’t hesitate to reach out to your doctor or insurance provider directly if you’re not sure if a piece of communication is authentic.


It’s not just digital information we need to worry about. Sometimes healthcare processes can generate a pretty extensive paper trail. If you no longer need a document, like a copy of a bill, a report, a physician statement or an insurance form, then shred it rather than just tossing it into the recycling bin.

Your medical information should be guarded with the same care as your banking and other private data. One of your best protections is to keep yourself informed. Monitor your records and files and take sensible precautions with websites and apps.

Refer friends, earn rewards

Share your source of digital lifestyle news, tips and advice with friends and family, and you'll be on your way to earning awesome rewards!

Get started