Cybersecurity Guidelines for Safeguarding Your Medical Records

With healthcare and medical records being among the data most valued by cybercriminals, it's important to take measures to safeguard them.


Family Medicine Physician Dr. Albert Warren, MD consults with a patient and records the patient’s symptoms on an electronic tablet in Hawkinsville, GA. USDA Photo by Bob Nichols.

Healthcare and medical records are among the data most valued by cybercriminals as they attempt to conduct campaigns to steal as much of your money as possible, with seniors the most vulnerable during this period of the COVID-19 pandemic.

You may be sent an email or letter from an unknown source making you a once-in-a-lifetime offer, or asking you to help out by donating money somewhere. Or you may simply get a phone call from someone claiming to be a representative of your insurance provider or health clinic. This can seem genuine, but you need to treat every message requesting your sensitive and private medical records with suspicion, as it could be from cybercriminals and scammers.

By way of assistance, here are seven steps you can take to protect yourself from cybercriminals targeting your medical records.



1. Carefully Review All Healthcare Correspondence


A healthcare summary may reveal that your health insurance paid for a treatment that you never received. This would indicate that someone has been able to apply for treatment, and receive it, in your name.

If this is so, then you must contact your healthcare provider and insurance company at once to make them aware of it.


2. Log On to Online Platforms to Check Your Healthcare Details


Make sure that the information is correct. If a hacker can see that you have not registered with your own information, then they may do so using someone else’s.

You can also cast an eye over the procedures listed here. Make sure that nothing was claimed in your name, or anyone else’s, in your account.

If a hack does occur, it is also vital that you make sure that none of your information relating to allergies, previous treatments, and so on has been altered.


3. Check What Your Doctor Does with Old Information


It is important to make sure that information which your doctor is no longer using has been properly destroyed.

Many healthcare privacy breaches happen because old files are placed in the normal trash collection instead of being destroyed in line with HIPAA obligations.

Check that your healthcare clinic is making sure that everything is being done legally.


4. See If Your Social Security Number Is Really Required


You will normally be asked for this piece of information, but there is no obligation on you to make it available.

Unless your clinic insists, do not hand it over. It is the main target for hackers, who can use it to access lots of other services by pretending they are you.


5. Protect Your Medical Records at All Costs


Healthcare data is every bit as important as financial data. It can be used to steal from you and it is vital that you treat it with respect. Never make it available and see to it that it is destroyed properly when it is no longer needed.

Data protection laws within the EU were modified due to the GDPR training which brought privacy and data protection into the digital age.


6. Take the Offer for Monitoring Services


In many cases an insurance provider will offer subscribers free fraud monitoring services, which you should take advantage of. If you use this option, anything amiss will show up on your credit report, setting off a fraud monitoring alert.


7. Be Careful What Information You Share with Your Online Accounts


Lastly, be wary of all information you provide to your online accounts, including health or fitness trackers. If the app is hacked, your home address, date of birth and other information can be used to commit further fraud.

George Mathews is a staff writer for He is passionate about personal growth and development.


Article is published courtesy of Compliance Junction, which aims to provide comprehensive coverage of regulatory compliance news anywhere online, starting with HIPAA and GDPR compliance.