As many of you know, the Health Insurance Portability and Accountability Act (HIPAA) is touted as protecting our privacy. But does it really protect us? I am frankly a bit unhappy about the situation. I got caught up in the OPM breach and we have heard of many instances where health care providers have had cybersecurity incidence and have our private health information has been stolen. HIPAA doesn’t protect us at all against these cyber threats.
And I have gotten really nervous about my information. I got a call from some company last night saying that they worked for my insurance company and they wanted to enroll me into a health program. Before we even got to step one they wanted me to reveal personal information such as my SSN in order to “prove” I was the patient. The said they couldn’t talk to me unless I provided this information because of HIPAA. They said they needed me to breach my privacy in order to “protect” my information as a patient.
I said that they were not protecting my information by forcing me to reveal private information and I demanded that they reveal information that proved their identity. Guess what, they couldn’t give me any assurance that they were who they claimed to be. No phone number at my insurer, they couldn’t confirm any information that only my insurer would know. Why in the world would anyone answer an unsolicited phone call and then give out personal private information. I told them they could send me a formal letter Aetna and that I would then call them. I felt like they were not protecting me as a patient rather they were protecting themselves against claims that they “broke” the HIPAA rules.
Is anyone else concerned about their privacy? Do you trust healthcare providers to protect your information? How do you respond to crazy interactions like this?
I don’t trust anyone to protect my information. I’ve worked in the computer security field too long to trust any organization’s competency. But you don’t need my experience to reach that conclusion. You just have to listen to the news.
The fact is that we live in the information age, and the safeguards are light years behind the threats and risks. It’s a lousy situation and I don’t have a clue about a solution.
It’s not the security aspect itself that concerns me as much as the reality that we can be forced to “voluntarily” surrender access to our medical records for things like professional licenses, pre-employment physicals, etc. It’s pretty much just an illusion of privacy in the contexts that really matter.
I have gotten calls from United Health Care and then they wanted me to prove who I was. The call on the caller id was unknown. I asked them to prove who they were but they wouldn’t do it. I wouldn’t give them info and ended the call. When I checked it out, it was a legitimate call. But it is suspicious when they call and want me to prove who I am.
I would never give that kind of info to an unidentified party. In fact, I won’t answer the phone if the caller ID is unknown to me or, worse – blocked. More than that, if the same unidentified party calls my landline more than a certain number of times, I will block the number. If they won’t identify themselves and won’t leave a message, they don’t want me badly enough.
I don’t think we have any privacy. I still wouldn’t share information but I am suspicious of any claim that our information is, in fact, all that secure.
In hindsight I am really a bit angry that my insurance company won’t protect me. If this is actually a contracted partner of my insurance company then my insurance company should be willing to authenticate them. It isn’t hard. They have a password controlled website. They are literally forcing everyone to use it. All they need to do is take 15 minutes a post a list of authenticated partners and their phone numbers.
Much like David said, if I don’t know the number they can leave a message… If they won’t do that they have no chance of talking to me. Wonderful service for landlines called nomorerobo, re-routes known robo-call numbers so that they do not even get to your phone. Since I started using it, maybe 1 or 2 calls a week get through compared to 5-6 a day before. It was a very peaceful primary vote week this year as it even gets rid of the political calls.
nomorerobo. Wow. I must check that out. For years now, I’ve been using the call blocking service on my landline to block specific numbers, but that sounds like a great addition. Thanks for mentioning it.
LOL . . . turns out they don’t support my carriers. Figures . Murphy never sleeps.
Dave, I was doing that too and going nuts as they limited how many #'rs you could block and the callers would just keep switching on their end. I’d go to block list , pick one to delete and add the new one every other day. If you go to the website it explains how it works and if your service is compatible, think it hinges on being able to forward calls. Took about 2 minutes to sign up and then add the correct call forward script (this was with Xfinity)…
I was caught up in the OPM fiasco, too, as well as my medical records stolen from a government employees unsecured laptop in TX a few years ago. Our government is the absolute worst when it comes to protecting our information. I understand electronic records are supposed to streamline the healthcare process, but I have zero faith in its security. My other concern is that computers fail. What happens to our records then? For my own sanity I make sure I have a paper copy of everything, and being in the military system, I request paper records every time we move. You would not believe how many times my husband’s records have been “lost”, and we have to supply a copy to his new duty station.
I make a point of simply not answering calls from phone numbers I don’t recognize, and the best thing to do, which everyone on this page has done, is not to share personal info., especially social security numbers, over the telephone. Lot of scam artists out there.