Like many sectors of the economy, the healthcare industry regularly suffers data breaches. Healthcare analytics company Protenus has found that nearly 32 million patient records were breached between January and June 2019 alone.

Alarmed? You should be. However, there are steps you can take to reduce the risk that thieves will obtain your medical records and use them for nefarious purposes.

Why they are valuable

Unlike other types of personal data, healthcare records command a hefty premium on the black market. That is at least partly because criminals can potentially use information about an individual’s health to blackmail him or her.

Also, stolen medical records include valuable details about people’s identities. In fact, there is usually enough information in medical files to facilitate extensive identity theft. These schemes can involve health insurance-related fraud as well as financial account and tax fraud schemes.

What you can do

The following four steps can help you protect your personal medical and other data:

1. Be careful what you share with providers. Healthcare providers typically ask for a lot of personal information, including your Social Security number. But you are not obligated to provide it. If in doubt regarding whether a piece of data is critical to receiving care, ask your provider. If the provider says the information is necessary, learn how it plans to use the data —and protect it from thieves.
2. Read the small print. Apply the same caution to healthcare apps. Only provide access to data that is critical for the service. Read the service provider’s terms and conditions and its privacy notice so that you understand how and where your data might be used.
3. Closely review insurance statements. Sometimes the first sign of identity theft is an insurance company statement detailing medical services you did not receive. Go over every insurance document and contact your insurer and the medical provider immediately if you spot any discrepancies.
4. Do not assume privacy online. Revealing personal details online (for example, with a large group of ‘friends’ on social media) may provide criminals with enough information to steal your identity. Keep in mind that a dedicated criminal could piece together a detailed profile of you simply by visiting multiple sites where you are active.

If your data is compromised

If you fear your healthcare information was included in a data breach or has otherwise been compromised, consider contacting the three major credit bureaus to freeze your credit file. This prevents the unauthorized creation of new accounts. Also step up your monitoring of insurance statements to make sure no one is filling prescriptions or making office visits in your name.