ID Theft Resources

What Is Medical Identity Theft?

Written for Symantec

Medical identity theft occurs when someone steals your personal information and uses it to obtain medical services, treatment or drugs. It can also occur when criminals use your personal information to fraudulently bill insurance providers or government programs for medical goods and services never provided.

What’s needed to commit medical identity theft

A fraudster needs your personal information to commit medical identity theft against you. This information might include your Social Security number, name, date of birth, and other pieces of what’s called personally identifiable information (PII). The thief may also use your PHI, or personal health information, including your healthcare data and medical and prescription history.

Something as simple as a lost wallet—with your Social Security card inside—could lead to medical identity theft. The criminal uses that card and other information in your wallet to obtain medical care at a doctor’s office or emergency room. Thieves can also obtain the information as a result of data breaches affecting health insurance companies and other entities. Often, breached data ends up for sale on the dark web.

In other cases of medical identity theft, a doctor or other medical provider might submit insurance claims for services not provided. In 2017, for example, a Delaware psychiatrist was indicted on charges of submitting his patients’ PII for more than $100,000 in insurance claims for visits that didn’t occur.

The costs of medical identity theft

Medical identity theft can be costly. In a study released in 2015, almost two-thirds of victims said they had to pay an average of $13,500 to resolve the situation. When medical identity theft targets insurance providers or government programs, the resulting costs may be borne by the larger population—through higher insurance costs or increased taxes.

Even more worrisome than the possible financial cost of medical identity theft is the potential risk it poses of mingling an identity thief’s health information with your own. That could ultimately put your care in jeopardy the next time you receive medical treatment. For instance, you might receive medicine to which you’re allergic.

How to help protect yourself from medical identity theft

There’s little you can do if medical identity theft occurs as a result of a data breach that’s out of your control. Still, there are some steps you can take to help keep yourself from becoming a victim:

  • Protect your Social Security number. It’s a critical piece of information that can be used to steal your identity for medical and other purposes.
  • Guard your insurance information. Whether you have government or private insurance, a knowledgeable identity thief can put it to fraudulent use. If you lose your card, ask your provider for a new number. Otherwise, someone—posing as you—could use the lost card for treatment.
  • Read your Explanation of Benefits documents. These are easy to ignore because they usually state, “This is not a bill.” But by reviewing them, you can determine if the treatment described—and covered by the insurance company—is familiar to you.
  • Shred all medical-related documents before discarding them.
  • Keep accurate records of all doctors’ appointments and medical procedures. Such records can help you dispute errors and fraudulent claims.
  • Once a year, ask your health insurance provider for a list of benefits that they paid in your name. Does that list match what you know?

If you find that you’re a victim of medical identity theft, there are several steps you need to take. They include asking for copies of your medical records from any provider where your identity may have been fraudulently used and, because you’re the victim of a crime, filing a police report where you live. Learn more in this deeper-dive article on medical identity theft.

Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.

Start your protection,
enroll in minutes.