Who Owns Your Medical Records?

[Please note: References are linked to this page and can be viewed by clicking on the * throughout this document]

There is little consensus nationwide concerning the ownership of your medical information.  We see this lack of consensus when we look at how state legislators have dealt with this issue.  As of 2016, 22 states have laws that give ownership to hospitals and physicians; 28 states (including the District of Columbia) have no laws governing ownership; and one state, New Hampshire, gives medical information ownership to the individual.*   

Logic suggests individuals should own their medical information, after all it is their medical history and they paid for all the examinations and treatments described in these records. For those 22 states that have assigned ownership to hospitals and physicians, this logic was evidently not a consideration.

The consequences of not owning and controlling our medical information are severe.   
Information contained in our medical records is some of the most sensitive identity information we have.  To date hackers have stolen more than 50 percent of all electronic medical records in the U.S. and lawmakers and law enforcement are helpless to stop these thefts.*  Worse yet is many medical facilities have failed to notify those whose records have been compromised.

Stolen medical records are not like stolen credit cards or bank account information.  Banks can issue new credit cards and change access to bank accounts but medical information is permanent.  Stolen medical information is being sold for millions of dollars and eventually ends up in the hands of data brokers who know these records will bring high prices especially from employers.  Employers will use this information when making employment decisions because they do not want to hire an employee who poses a medical liability.  Individual's who have had significant medical issues in the past or who may suffer from a chronic ailment will be discriminated against regardless of whether or not the chronic disease is well controlled. 

The federal government has not stipulated who should or shouldn't own medical information.  It is speculated they consider medical record ownership a state concern and may also believe it may become a moot point knowing the provisions of the Health Insurance Portability and Accountability Act (HIPAA).*  This federal law requires medical facilities to provide copies  of medical records when individuals request them.  HIPAA can sidestep the issue of medical record ownership evidently assuming individuals will be satisfied knowing they are entitled to copies of their medical records.  

Even though HIPAA guarantees we can always get a copy of our medical records we exercise no control over how this information is being protected.  It is logical that we should own the information and we can only hope laws will be enacted to guarantee ownership.  In the meantime the answer to the question ‘who owns my medical record’ is you don’t own that information unless of course you reside in the State of New Hampshire.

Is Lifelock a Scam?

[Please note: References are linked to this page and can be viewed by clicking on the * throughout this document]

Lifelock's problem all along has been false advertising.  They tell us they can protect us from  identity thieves while the truth is there is no protection from an identity thief if the thief has enough information to impersonate you and steal from you.  

Because of this false advertising multiple fraud charges and fines have been levied against Lifelock.  In 2010 the Federal Trade Commission, along with 35 state attorneys general, fined Lifelock $12 million. *   This fine was to settle charges that the company used false claims to promote its identity theft protection services and repeatedly failed to secure the identity information they collected from millions of subscribers.  Later, because Lifelock's failed to stop the false advertising, they were found to be in contempt of the original order and fined an additional $100 million. *  

The Lifelock story is one of ineptness.  Lifelock came to our attention more than ten years ago when LifeLock's former CEO Todd Davis began an advertising campaign that included sharing his social security number on billboards, in television commercials, and even on the side of truck. The marketing ploy ultimately backfired when several reports showed his social security number being compromised and used for taking out loans and opening new accounts. Rather than building confidence among LifeLock’s clients, it just cast more doubt about the credibility of his marketing campaign and his ill-advised marketing strategy. And coming from a personal identity theft company’s CEO, this spoke huge volumes not just about him but his company in particular.*  According to other reports Mr. Davis has been a victim of identity theft more than a dozen times * and during his tenure as CEO has had to pay out millions to settle lawsuits for misleading customers, and deceptive practices.* 

In November 2016 Symantec corporation bought Lifelock and many had thought the false advertising would stop.  It appears the false advertising continues and it is likely Lifelock and its new owners will be fined in the future.  Evidently a 100 million dollar fine every few years is not much of a deterrent to a corporation that is collecting billions of dollars yearly from unsuspecting subscribers.

Is Lifelock a scam?  You have to make up your own mind.

A Credit Freeze may not be what you think it is

Following the Equifax breach many have asked the three Credit Reporting Agencies (CRA) to 'freeze' their credit accounts.  A credit freeze is being advertised as a means of blocking all access to your credit reports with the expectation that it will stop identity thieves from setting up bank accounts, taking out loans, or other financial transactions all in your name.  In fact a credit freeze will block many enterprises from checking your credit reports which should prevent identity thieves from opening new lines of credit.

What we are not told is our credit information will still be released to any of our existing creditors as well as any debt collectors who are trying to recover funds.  Your Bank, your credit card providers, and any other financial institution that has a financial relationship with you can gain access to your credit information from any of the three CRAs.  The problem is your existing creditors are selling your credit information.  An example is Bank of America (BofA) who sends a letter to its customers every year telling how they 'safeguard' financial information.  They also let us know they are sharing our financial information with their affiliates and we can't prevent this sharing.  Sharing is a misnomer because what BofA is doing is selling this critical information to their affiliates.  We can't know who these affiliates are and therefore don't know what their policies are concerning protection of financial information.

Currently there is no foolproof method of insuring identity thieves will be prevented from gaining access to your credit information.  It is unsettling knowing our credit information is being sold legally and also illegally by Hackers; this information is everything an identity thief needs to make any of us identity theft victims.  

The solution we need is the means to prevent these thieves from making use of of our identity information.  The best and simplest way is through the use of the Social Security Number (SSN) registry which is a facility that allows each of us to register our SSN.  The way it protects us is by allowing anyone engaged in a financial transaction to access the registry to verify the owner of an SSN.  If the SSN is registered a message from SSN owner is displayed.  The message can be anything the SSN owner wants, it could be a phone number to call prior to approving any type of financial transaction or it could be a requirement to enter a security code known only to the SSN owner.  The SSN registry will prevent identity theft and save us billions of dollars every year.

Those who wish to register their SSN must have established their identity in the Identity Bank.  The Identity Bank and the SSN registry are currently in development and expected to be available in 2018.  More information is available in the book An Identity You Could Own  which is available on Amazon and through Apple iBooks at a cost of $.99.

The Equifax Breach - What You Don't Know Will Hurt You

         We all heard about the hackers that plundered Equifax and stole an incredible number of customer files.  Chances are criminals now have or will shortly have enough information to make millions of us identity theft victims.  But this has happened before and we have been playing the odds for many years in hopes we do not become one of the 10 million Americans who become victims every year.
         What most do not know is Credit Reporting Agencies (CRA), like Equifax, supply credit information to thousands of enterprises, both government and non-government, in order to help identify customers.  If you applied for Social Security benefits on line, a bank loan over the phone, etc.,  you may have been asked questions about your past residences, about your home mortgage, or other information that supposedly only you would know.  These questions are made up based upon CRA information and for most enterprises it is their only means of determining identity.
         Well now the criminals can answer those questions.  The identity thieves will be able to read the answers right off the stolen Equifax file.  Ironically these thieves may do a better job of answering questions than you can since you would be relying solely on memory.  Do you remember the name of your mortgage holder in 2004?
         So we continue to play the odds, which is a matter of waiting until it is our turn to be a victim of identity theft.  But there is a solution - we can devise the means to prevent these thieves from using fake identity documents to masquerade as us and steal from us.  The solution is laid out in my book An Identity You Could Own which is available on  Amazon and through Apple's iBooks at a cost of $0.99.

Identity Fraud Impacts More Than 15 million Americans in 2016 - Up 16%

While we all hoped for less identity related fraud in 2016 it hasn't happened.  According to Javelin Research, in their  2017 Identity Fraud Study, more than 15 million Americans (up 16 percent over 2015) fell victim to financial fraud made possible mostly through criminal use of stolen identity information.  

You may be a recent victim of identity theft and are looking for protection from identity thieves who will likely attack again.  Or you may be like the rest of us who are frightened at the prospect of becoming a victim.  You may also be someone who is paying for what is purported to be identity theft protection believing these products actually offer protection from identity thieves.  These products can only tell you once you have become a victim which means our only choice is to wait around until it is our turn to be attacked.  Unfortunately, there is currently no solution that will protect any of us from an identity thief if the thief has enough information to impersonate us and steal from us.  

The solution that will work is one that allows each of us to have our identity documents authenticated and available for viewing anywhere and anytime.  Such a solution will make it impossible for an identity thief to impersonate you and steal from you.  This solution is achievable and is fully explained in my book An Identity You Could Own. I'm not interested in making money selling this book which is why the cost is $.99 and is now available on Amazon and through Apple iBooks.  

An Identity You Could Own

Executive Summary

[Please note: References are linked to this page and can be viewed by clicking on the * throughout this document]

“My husband and I would have survived better had our house burned to the ground, or if we had been burglarized or robbed at gunpoint. There would have been less hassle, less stress and less indignation,” she said. “It caused the death of our marriage and of everything we’ve known to be safe and secure. I have no hope or faith or trust in anybody anymore.”  [An Identity theft victim in Minnesota.]*
            
         We have allowed identity theft to become this nation's worst crime wave primarily because of our inability to definitively identify anyone.  The reason we can't identify anyone is we can no longer trust the documents we use for identity purposes.  Fake driver's licenses, Social Security Cards, Military Identity cards, birth certificates, immigration documents, and an array of foreign identity documents etc., can all be purchased over the Internet.**These fake documents are of such good quality law enforcement, financial institutions, and enterprises of all sorts are unable to detect anyone using these fake documents.
         Identity thieves now have access to identity information on most Americans and through the use of fake documents thieves can easily victimize and steal from almost anyone.  Victims of identity theft are often crippled financially and while this is devastating what can be worse is when an identity thief uses fake identity documents when confronted by law enforcement.  There have been many cases where victims of identity theft have also been prosecuted for crimes they did not commit.*
         Our inability to definitively identify anyone has now become a major national security issue.  For example, the Transportation Security Administration (TSA) can’t be sure who is boarding an aircraft.  The problem is most travelers use driver's licenses for identity purposes and TSA has no ability to detect a fake license.*  What is most troubling is the recent Government Accountability Office (GAO) report to Congress* that tells our lawmakers how GAO investigators used fake identity documents to successfully apply for U.S. passports. We would be naïve if we thought terrorists, criminals of all kinds, and illegal aliens don’t know about this vulnerability.

         The reason we can't stop identity related crime is we can't adequately  protect highly vulnerable information systems.  These systems continue to be breached by hackers who in turn make large sums of money selling stolen identity information to identity thieves.  We also can't stop identity thieves from using our stolen identity information to obtain fake identity documents and masquerade as us and steal from us. 
         What we can do is focus on ways to prevent identity thieves from making use of stolen identity information.  The only way to do this is to provide the ability to verify the authenticity of identity documents when and wherever identity authentication is needed. The best solution is the establishment of an Identity Bank that assists each of us in assembling our identity documents from official sources.  The Identity Bank, upon our request and upon our behalf, requests official copies of our identity documents and upon receiving them attests to their authenticity and places them in our Identity Bank accounts.  Once these documents are in our account we are the only ones who have access to these documents which, for the first time, gives each of us full control and ownership of our identity information.  When our identity needs to be verified we can authorize views of our authenticated identity documents anytime and anywhere.
         The Identity Bank is the only solution that prevents identity theft.  One of the simplest and likely one of the best identity theft prevention solution is through using the Identity Bank’s Social Security Number (SSN) Registry.  This system allows those who have established their identity to register their SSN.  Anyone, especially those who are engaged in a financial transaction, can access the Registry and, if the SSN has been registered, then the SSN owner's instructions are viewable.  The instructions might require a phone number to be called before any financial transaction occurs.  The SSN owner could also require entry of a code known only to the SSN owner.  The identity thief will not know the correct code and will be quickly discovered once the SSN owner is called.  The SSN Registry in wide use will save us billions of dollars each year by putting the identity thief out of business and, with nothing to sell, the hacker finds the same fate.  
         How we establish the Identity Bank that puts us in control of our identity information is described in my book An Identity You Could Own.   

         For more information visit  my website at: www.patrickkelly.com