Medical identity theft is becoming a grave concern in America, according to many authorities. As shown by the Ponemon Institute’s 2013 Survey on Medical Identity Theft, close to 1.84 million Americans are victims of this crime at a cost estimated in the range of $12.3 billion. Medical identity theft occurs when someone uses your identifying information to receive medical services where medical records are generated, or uses your medical insurance to pay for medical equipment/services. This crime is predicted to rise in the current digital age of healthcare, with electronic health records being more popularly used and shared across digital networks.
Now why is proper identification often impossible in the healthcare scenario? Take for instance the emergency room, where physicians are primarily concerned about reviewing medical records and providing care to people in need of immediate medical attention. Loopholes thus exist whereby identity theft may occur. Moreover, the medical field is one where service comes first even before checking out the customer.
How can medical identity theft be prevented? There should be improved data protection and improved patient identification means. Foolproof patient verification and data encryption can help achieve these objectives. At present, patient authentication is mostly made on the basis of the verbal information they provide regarding identity and coverage. Providers should be able to use advanced technology solutions including efficient electronic patient records to verify the identity of a patient. Smartcard technology is recommended as an ideal way to deal with the privacy and security challenges existing in the medical industry. The healthcare industry can utilize the smartcard-based identity management and authentication technology solutions, standards and practices that have already been introduced by the federal government, and ensure that medical identity theft is curtailed.
Some ways healthcare providers and facilities can prevent medical identity theft at the organizational level are:
- Appoint employees only after a thorough background check
- Restrict employee access to healthcare data. Allow access only to data that an employee needs
- Implement a foolproof process to track access to sensitive data
- Have fraud detection software to identify any suspicious activity
- All devices should be made secure with passwords, encryption and remote wipe capability if theft or loss of patient data occurs
- Ensure that mobile devices, tablets and computers are accessible only to staff who really need to do so
- Change passwords frequently
- Encrypt all healthcare information stored in the cloud
- Be strict about HIPAA compliance
Federal Guidelines to Prevent Medical Identity Theft
- Manage enrollment information effectively with payers. Keep them updated about material enrollment changes when opening, closing or moving practice locations or when leaving an organization. Providers are advised to keep their reimbursement banking information up to date. This will enable payers to alert providers whenever issues such as additional billings from old locations or new locations opened without the provider’s knowledge.
- Carefully monitor billing and compliance processes. Providers can implement effective policies and procedures that will help minimize risk and ensure complete compliance. Sound billing practices should be put in place to prevent any kind of healthcare fraud. There should be a system of monitoring all billings made in the providers’ names. Reviewing organizational remittance notices and checking them against the medical record documentation, reading all documents before signing them and keeping copies of the signed documents, documenting billing issues related conversations, and reporting suspected fraud are some of the steps to follow.
- Ensure that medical identifying information does not fall into the wrong hands. A provider’s staff must be trained on the appropriate use and distribution of medical identifiers; they should know when such information must not be distributed. Make sure that prescription pads are not left unattended; when filling out prescriptions and other documents, make sure that they are completely filled so that there is no chance of tampering.
- Make patients aware of the danger of medical identity theft. Encourage patients to review their EOBs, including Medicaid bills and Medicare summary notices.