|
YOUR PRIVACY and IDENTITY SECURITY Federal law now protects the privacy and security of medical information. First, some of the provisions of federal law on the privacy of medical information: -- Health-care providers and insurers must have a written privacy policy -- and give it to patients. -- Patients are allowed to see and obtain copies of their own records and request changes. -- Those who unlawfully obtain or disclose health information face a fine of up to $250,000 and up to 10 years in prison. (This will be of particular concern to your HR department. Health records should be segregated from other files you maintain on employees and access to al of these records should be heavily restricted.) -- Employers that self-insure must maintain a "firewall" to prevent those who handle employee health claims from sharing medical information with anyone -- in or out of the company. -- Health-care providers and insurers must disclose when they use patient information for marketing purposes. Patients have the right to refuse future marketing efforts from a source after an initial solicitation. Caution your employees to take these privacy precautions: -- Don’t disclose health information on marketing surveys, product registration cards, and offers of free health screenings. -- Think before participating in on-line health/medical surveys or registering on health Web sites or dialing toll-free numbers to ask about a new drug or an illness. -- Consider paying out-of-pocket for treatment when privacy is desired. -- Talk to your doctor and pharmacist about their privacy procedures. -- Edit any waivers on insurance forms so only information necessary to process a claim is released. -- Send in those "opt-out" forms from financial institutions (including insurers) to prevent information from being shared with third parties. Social Security Numbers It is unlawful for private employers to use Social Security numbers for identification purposes. In some jurisdictions, government agencies are specifically prohibited from doing so. Take precautions against misuse of and to be sensitive to employee concerns about the distribution of SSNs. Don't publish the numbers widely or use them for anything other than legitimate business purposes. Don't make the numbers visible on timecards or identification badges. Sadly, many cases of identity theft have involved co-workers for whom personal information was too easily available. Share these basic precautions with employees to help prevent "identity theft" -- Buy a credit report at least once a year. Subscribe to services that report credit activity back to you regularly. -- Call your creditors if bills or replacement credit cards don’t arrive on time. -- Don’t carry rarely used credit cards or extra identification. -- Don’t use as your passwords and PINs any numbers, (such as a birthday), that a thief might find in your wallet. -- If you suspect mail theft, get a lockable mailbox or rent a Post Office box. Mail envelopes containing checks, credit-card numbers, or ID information only at the Post Office. -- Don’t leave ATM receipts on counters or trash cans. -- Don’t throw credit-card receipts from stores or gas pumps in trash cans. -- Get access to a shredder so personal information doesn’t go out with the trash. Shred receipts, credit applications, canceled checks, and financial records that are no longer needed. -- When traveling, never put your home address on luggage tags. -- Be careful what you say in "auto-reply" e-mail. Don’t say you are on a trip and will return on the 15th -- the terrorists/rapists/burglars will come on the 14th! -- The next time you order checks have only your initials (instead of first name) and last name put on them. If someone takes your check book they will not know if you sign your checks with just your initials or your first name but your bank will know how you sign your checks. -- Put your cell phone number on your checks instead of your home phone. If you have a P.O. Box use that instead of your home address. If you do not have a P.O. Box use your work address. Never have your Social Security number printed on your checks. -- Photocopy the contents of your wallet -- do both sides of each license, credit card, ID, pass, etc. This will give you a record of all of the account numbers and the phone numbers you will need to call and cancel any stolen or lost credit cards. You should also photocopy the page of your passport that has your picture and the passport number. -- File a police report immediately in the jurisdiction where your wallet was stolen. This proves to credit providers you were diligent, and is a first step toward an investigation. -- Most important: Call one of the three national credit reporting organizations immediately to place a fraud alert on your name and Social Security number. The alert means any company that checks your credit knows your information was stolen and they have to contact you by phone to authorize new credit. The numbers are: Equifax:
1-800-525-6285 |