Medical facilities, such as hospitals and doctors’ offices have become a major source of data breaches resulting in large numbers of patients becoming victims of identity theft. Recently the Flowers Hospital in Alabama notified an undisclosed number of its patients that their personal information including their names, addresses, birth dates, Social Security numbers and health insurance numbers had been stolen between June 2013 and February 2014. The hospital is offering free identity theft monitoring services to those people affected and are giving the victims until June 30th to sign up for the service. According to the letter sent by the hospital to the victims of the data breach, a hospital lab employee stole forms from the hospital that contained the above-described information. Yesterday a class action lawsuit was filed against the hospital alleging negligence and other civil violations. The hospital employee alleged to have been behind the data breach has been arrested.
This case is another example of the fact that you are only as safe from identity theft as the places with the worst security that hold your personal information. It is also important to note that, as I have noted previously, your Social Security number is a key to identity theft. In the hands of an identity thief, your Social Security number makes it a simple matter for a criminal to steal your identity. We are all routinely asked for our Social Security number when we receive medical services, but the truth is that medical providers have no need for our Social Security numbers. The main reason that medical providers collect Social Security numbers is to make it easier for them to collect on unpaid bills. In the future when asked by any company or medical provider for your Social Security number, inquire as to why they need it. If there is no good reason for them to have it, offer another form of identification such as a driver’s license number.