Spotting Healthcare Scams: Protecting Your Health Information

Spotting healthcare scams

Healthcare scams are becoming increasingly sophisticated, targeting unsuspecting patients through various means, especially emails and other forms of communication. One area of concern is the MyChart Electronic Medical Record (EMR) system, which is widely used for managing personal health information. At Luminis Health, we take cybersecurity concerns seriously and adhere to best practices to keep data safe.

In addition to our security measures, there are steps you can take to safeguard your health data and personal information. As you review emails, texts and phone calls, here’s what you need to know:

Understanding MyChart EMR Scams

Scammers often exploit the trust and familiarity associated with well-known health systems and EMR platforms like MyChart. They aim to steal sensitive personal information or install malicious software on your devices. Here are the key red flags to watch out for:

1. Phishing Emails and Text Messages

Phishing is a common method used by scammers. You might receive an email or text message that appears to be from your health system, prompting you to click a link or provide personal information. These messages often look legitimate but contain subtle errors or urgent language designed to create panic.

  • Tip: Always verify the sender’s email address and look for grammatical errors or unfamiliar web addresses. If unsure, contact your healthcare provider directly using a trusted phone number.

2. Spoofed Caller ID

Scammers can use technology to make it appear as if they are calling from a legitimate healthcare provider’s phone number. During the call, they may ask for personal information or direct you to a fake website.

  • Tip: If you receive an unsolicited call asking for personal information, hang up and call your healthcare provider back at a known, trusted number.

3. Fake Login Pages

Scammers create fake websites that mimic the MyChart login page. When you enter your credentials, they capture your username and password, giving them access to your EMR.

  • Tip: Ensure the website URL is correct before logging in. Genuine MyChart portals will have secure web addresses starting with “https://” and often include your healthcare provider’s name.

4. Unsolicited Requests for Personal Information

Legitimate healthcare providers will never ask for sensitive information such as your Social Security number, password, or financial details via email or phone. Be wary of any unsolicited requests for such information.

  • Tip: If you receive a suspicious call or message, do not provide any information. Instead, contact your healthcare provider to verify the request.

5. Unusual Account Activity

Regularly monitoring your MyChart account can help you spot unauthorized access. If you notice any unfamiliar activity or changes, it could be a sign that your account has been compromised.

  • Tip: Enable account notifications to receive alerts about any changes or logins. Report any suspicious activity to your healthcare provider immediately.

Protecting Your Information

Here are some steps to enhance the security of your personal information and communications:

  • Use Strong, Unique Passwords: Avoid using the same password across multiple accounts. A strong password includes a mix of letters, numbers, and special characters.
  • Enable Two-Factor Authentication (2FA): 2FA adds an extra layer of security by requiring a second form of verification, such as a text message code or authentication app.
  • Regularly Update Your Passwords: Change your passwords periodically to reduce the risk of unauthorized access. Cybersecurity experts recommend changing your password every three months.
  • Be Cautious with Public Wi-Fi: Avoid accessing accounts with sensitive information, like MyChart, over public Wi-Fi networks which are often less secure.
  • Verify Communications: Always verify the sender or contact of suspicious emails, text messages and phone calls. Look for signs of legitimacy, such as official logos, correct email addresses and proper grammar.

Reporting and Responding to Scams

If you suspect you’ve encountered a scam or that your MyChart account has been compromised, take immediate action:

1. Report the Incident: Contact your healthcare provider’s support team to report the issue. The Luminis Health MyChart Support team can be reached at (833) 254-3600 or
2. Change Your Password: Update your MyChart password and any other accounts using the same credentials.
3. Monitor Your Accounts: Keep an eye on your medical and financial accounts for any unusual activity.

For more information on recognizing and avoiding healthcare scams, visit the Federal Trade Commission’s website on healthcare scams.

By staying vigilant and following these tips, you can help protect your MyChart EMR and personal health information from scammers.

• Federal Trade Commission, “Health Care Scams,” accessed May 17, 2024, FTC Healthcare Scams
• U.S. Department of Health and Human Services, “Protecting Personal Health Information in Electronic Health Records,” accessed May 17, 2024, HHS Protecting PHI