What Can I Do When My Medical Provider is Hacked?

When you are notified by your medical provider their network has been compromised and your information could be at risk, there are a few things you can do:

  1. Freeze your credit.  If you haven't already, freeze your and your family's credit.
  2. Ask your medical provider for credit monitoring.  If it was not offered, ask for at least one year of free credit monitoring.  If it was offered, sign up!
  3. Ask your medical provider for remediation details.  
    1. If more than 500 Coloradans Personally Identifiable Information (PII) is impacted, they are required to notify the Colorado Attorney General's office.  This ensures this breach is documented and provides you a formal record if your data is misused later.
    2. If you believe your medical provider violated your health information privacy rights or committed another HIPAA violation, you can file a complaint with the Office for Civil Rights.
    3. You can ask your provider what they are doing to reduce future risk.  One recent study reported that 80% of breach organizations were victimized a second time.
  4. File a complaint with the FBI's internet crime complaint center
  5. If you become aware your data is misused, file a police report with your city - if you live in unincorporated Jefferson County file a report with the county.

Even when your medical provider's form letter tell you "there is no indication of misuse" you may want to follow the first 3 steps.

Show All Answers

1. What Can I Do When My Medical Provider is Hacked?
2. Peer Support Program
3. Identity Theft and How to Create a Recovery Plan
4. First Six Steps After Fraud Occurs
5. Has my account been breached?
6. Am I Hacked