Fine print, Living with credit, Protecting yourself

Health care data breaches: Why you should be concerned

Sienna Kossman

If news broke of another retail data breach, you might not blink an eye. After all, retail security breaches seem to be occurring at a rapid pace lately, and we’re still hearing about Target’s data breach two years hence.

But what if you learned of a health care data breach that didn’t involve payment card information. Would you pay as much attention?

If your answer is “no,” consider the following:

Health care data breaches: Why you should be concerned

While compromised health care data may not specifically include credit card numbers or banking information, this type of breach has the potential to create longer lasting, more significant damage, opening the doors to all sorts of identity theft issues — medical and financial alike.

One of the more recent health care data breaches — and the largest in U.S. history — was reported February 13, 2015 by Anthem Health. The data of as many as 80 million people may have been stolen, according to USA Today.

That’s approximately one-in-four Americans, based on the current population. Yikes.

Health care data is a treasure trove for cyber thieves. Just think of all the forms you fill out when you visit a doctor. Social Security numbers, phone numbers and other sensitive data, such as insurance card numbers, employment information and email addresses, are just some of things hackers may have gotten hold of, according to Anthem’s fact sheet.

When combined, such information could allow someone to fraudulently use your insurance and rack up a stack of unpaid medical bills in your name, resulting in debt collection issues and damage to your credit. Medical identity theft can cost victims an average of $20,000 in out-of-pocket expenses, according to the Ponemon Institute.

Plus, since consumer health care information gets updated with each doctor visit, data stolen through health care breaches is fresh–and easy for criminals to use.

Health care data also has a much longer shelf life than, say, a credit card number. If card data is stolen in a breach, issuers can quickly cancel cards and issue new ones to consumers, who can be held liable for only $50 of fraudulent activity, although most issuers don’t charge anything.

However, the same cannot be done for Social Security numbers, birth dates and addresses. If a criminal gets hold of that data, it’s unclear how long they will be able to use it for their own profit — and wreak havoc in consumers’ lives.

So, even though you may not consider the Anthem breach to be breaking news, it’s important to stay alert. Members of Community Health Systems and Premera Blue Cross should also be vigilant, as those health care organizations were also hit by data breaches over the past year, affecting 4.5 million and 11 million patient records, respectively.

Health care data breaches aren’t expected to dwindle anytime soon, either. According to Experian’s 2015 Second Annual Data Breach Industry Forecast, health care-related data breaches are projected to increase over the next year, especially as digital records become more extensive, thanks to new technologies such as wearable monitors and mobile apps. The report recommends that medical facilities of all kinds increase data security, especially as the potential cost for health care breaches could be as high as $5.6 billion annually.

What can you do to protect yourself from health care data breaches now? Not much, unfortunately. In addition to watching accounts and credit reports closely, potential breach victims may also have access to identity theft monitoring services such as AllClearID, which Anthem is offering to at-risk patients for two years, free of charge.

However, while monitoring your accounts and credit can help alert you to fraud, two years of monitoring may not be enough time to ensure you’re in the clear, according to Forbes contributor Dan Munro. Because the potential life span of the data typically attained through health care data breaches is long, an ongoing process of monitoring your information and being constantly aware of all account transactions will be necessary for years to come.

The country may be migrating to new payment systems such as chip cards to better protect your payment card information, but until similar steps are made within the health care network, be on alert. Health care data breaches may not get as much press as retail breaches, but they are worth your attention.

Join the Discussion

We encourage an active and insightful conversation among our users. Please help us keep our community civil and respectful. For your safety, we ask that you do not disclose confidential or personal information such as your bank account numbers, social security numbers, etc. Keep in mind that anything you post may be disclosed, published, transmitted or reused.

The editorial content on is not sponsored by any bank or credit card issuer. The journalists in the editorial department are separate from the company's business operations. The comments posted below are not provided, reviewed or approved by any company mentioned in our editorial content. Additionally, any companies mentioned in the content do not assume responsibility to ensure that all posts and/or questions are answered.