people wearing medical lab coats working

How to Prevent Medical Identity Theft


Medical identity theft has become a serious threat for patients, as hackers and cyber criminals have been targeting the healthcare industry at alarming rates. So why are medical records so valuable to data thieves? Personal medical data is said to be more than ten times as valuable as credit card information. Just one patient record contains an enormous amount of identity information that hackers can exploit, including social security numbers, birth dates, addresses, credit card information, telephone numbers, Medicare numbers, and prescriptions.

Keeping this patient information safe from cyber-thieves must be a top priority for hospitals, healthcare organizations, urgent care facilities, and medical offices. The following are a few best practices that will help ensure your patient’s medical data is safe:

  1. Education- Educating your staff can be a first line of defense against data theft. Ensure your employees are informed on privacy policies, security measures, how data breaches occur and how to prevent them. Build staff awareness of medical identity theft and how to keep patient data secure.
  2. Email- Many attempts for data breach occur through unsolicited emails called “phishing.” Instruct employees never to open emails, attachments, or links from an unknown sender.
  3. Mobile devices- Protecting devices such as laptops, smartphones, and tablets with encryption and passwords is another way to avoid a potential data breach.
  4. Antivirus- Keep software and antivirus programs regularly up to date.
  5. Secure wireless networks and server- Set up firewalls and antivirus for all devices. Make sure your router and any other components are updated, network passwords are frequently changed, and unauthorized devices cannot access the network. Lock down your network server so that it cannot be physically removed from your office and lock up any backup or storage devices.

Common mistakes practices make:

  • Employees sharing workstations or user IDs
  • Leaving screens or workstations unsecured
  • Sending patient medical information via unsecured email
  • Using unsecured laptops, tablets, and smartphones
  • Sending patient medical information through text messaging
  • Speaking about private patient medical information to friends, family, patients or other medical offices.
  • Failure to obtain the proper release/consent form to release patient medical data.
Business - Medical and Dental Industry

Ready to explore how Sunflower Bank can assist you? Speak to a personal banker at a branch near you, contact a specialist on our Wealth Management team, or find the right financial partner on our Commercial Banking team for your business needs. 

Back to Resource Articles

This article contains general information only. Sunflower Bank is not, by means of this article, rendering accounting, financial, investment, legal, tax, or other professional advice or services. This article is not a substitute for such professional advice or services, before making any decisions related to these matters, you should consult a qualified professional advisor.