More than one out of every three people in the state — among the highest reported proportions, nationwide — had their most personal details exposed in the the recent Anthem data breach.
The breach affected information on 3,726,249 current and former policyholders at Blue Cross Blue Shield of Georgia, whose parent is Anthem Inc.
It’s a potentially dangerous situation because of the type of information lost: names; dates of birth; social security numbers; addresses; telephone numbers; and, even, income information, to name a few.
Such data could give thieves more than enough to for so-called medical identity theft.
Unlike schemes that take advantage of people’s financial details (think: bank account and credit card numbers), the harm caused by this type of healthcare fraud can be uniquely injurious — possibly even affecting the way a victim is medically treated in the future.
Insurance Commissioner Ralph Hudgens, whose office announced the number of Georgians affected late last week, recommends that people who think they are affected call an Anthem telephone hotline (877-263-7995) or visit the insurer’s website, anthemfacts.com.
Those people, he said, are entitled to credit monitoring services that will help them fight financial fraud.
But medical identity theft is completely unlike its more monied cousin and unlikely to be helped by such services, said Pam Dixon, executive director of the World Privacy Forum in San Diego.
She said this type of fraud is eerily easy to enact, taking as little as a zip code and a name.
“It’s really simple,” Dixon cautioned. “We actually once had [an instance] where a woman literally chose a man from a phone book and the man ended up a very serious victim of medical identity theft.”
The man — falsely listed as the father of the woman’s baby — ended up getting hounded for child support.
Hudgens’ announcement on the Anthem breach did not say if there is any evidence so far of actual misuse of any Georgian’s information.
Regardless, criminal rings could use information to fraudulently submit bills, perhaps to Anthem, but more likely to Medicare and Medicaid, for services or medications.
While the insurer pays out and the policyholder might never know, their medical records could be altered in irreparable ways. That can change the way a person is treated, potentially causing someone to be given medications they are allergic to.
“You can’t just go to the hospital and say: ‘Please erase my medical records. They are inaccurate’,” Dixon said. “They won’t’ do it for you, and there is no law that will make them.”
She added, unlike financial identity theft, where credit monitoring services and banks are on the look out for consumers, there are not as many protections for patients, making it harder for victims to similarly recover.
About the Author
