Identity Theft and Obamacare: What You Need to Know
In this day and age, identity theft is a serious problem, and one we can expect will worsen as more people send personal information over the Internet. According to the FTC , total consumer complaints of identity theft rose from 86,250 in 2001 to 290,056 in 2013. In fact, roughly 14% of all consumer complaints made to the FTC in 2013 concerned identity theft.
If you're trying to obtain quotes or to enroll in a health plan under the Affordable Care Act (commonly known as "Obamacare"), you'll have to provide private medical information online. As a result, it's important to know about Obamacare's identity theft risks and what you can do to minimize those risks.
Medical Identity Theft
Medical identity theft occurs when someone steals information such as the victim's name, Social Security number, Medicare number, or treatment history. Often, the thief does so to obtain health care, to buy prescription drugs, or to receive reimbursements by submitting fake Medicare billings in the victim's name.
Statistics on the frequency of medical identity theft are hard to come by because theft is hard to detect and is often misreported as health care fraud. A report prepared for the Department of Health and Human Services estimated that 250,000 Americans were victims of medical identity theft in 2006. In 2012, an estimated 1.85 million Americans were affected, a 21% increase over the estimate for 2011. The reliability of these figures is unclear, but the trend is apparent.
Identity Theft Risks with Obamacare
The technical issues involved with the rollout of Obamacare's insurance exchange website in late 2013 are well known. The fear that enrollees' confidential medical information could be easily stolen by identity thieves received less attention. According to a former Commissioner of the Social Security Administration, the federal website was "a hacker's dream." State exchanges also had vulnerabilities. For example, California's website had a security flaw that could allow an identity thief to access, and even change, the information entered into an enrollee's personal account.
The 2015 open enrollment fortunately had fewer problems. One important provision of Obamacare is the move from paper medical records to electronic ones. The hope is that this transition will reduce medical identity theft by preventing thieves from finding and stealing a victim's paper records. However, it's certainly possible that in the short-term, there may be a surge in theft as vulnerabilities that occur during the transition to electronic records are exploited.
How Enrollees Can Reduce the Risk of Identity Theft
By nature, providing one's Social Security number, date of birth, Medicare number, and physical descriptions such as height and weight over the Internet involves the risk of identity theft. The usefulness of this information to thieves is the reason why medical identities are estimated to be worth 20-50 times more than financial identities. Unfortunately, an Obamacare enrollee must largely rely on his or her state's exchange being able to protect sensitive medical information.
With that said, there are some common sense steps enrollees can take to reduce risk. For example, enrollees should:
- Look for government logos, seals, or web addresses (ending in ".gov") when providing any personal medical information online.
- Never give personal health information, including medical or treatment history, to callers or solicitors who claim to be associated with the government or with Obamacare.
- Protect personal medical information by putting paper records into a safe or deposit box.
- Contact your state's department of health or consumer protection agency to verify that an exchange, insurance company, or health care provider is genuine.
Getting Legal Help with Identity Theft
If you have questions about federal or state health care privacy laws or questions about identity theft and Obamacare, you can find an experienced consumer protection lawyer through FindLaw.