Saturday, January 20, 2007

Free Healthcare via Identity Theft


The below article is submitted to the blog by Michael O'Rourke...a good friend who specializes in the field of identify theft prevention and protection. Apparently the field of identity theft has more angles to it then we knew about when we first wrote about it a few months ago. Also, it would seem that a few state hospital associations are interested in the issue as well...interested enough to seek proposals to offer prevention and risk management options to their member hospitals.

Letter follows from Michael...

A retired California schoolteacher found out the hard way about the newest form of identity theft -- using someone else's information to obtain medical care.
Hospital bill collectors demanded Ms. Weaver, 57, pay for the amputation of her right foot after an identity thief obtained care under her name and had the bill sent to her insurer, the Los Angeles Times reports.
Experts say rising medical costs have made it profitable for thieves to obtain care under stolen identities. Unlike theft cases involving credit cards, unraveling medical identity theft is much more difficult due to the Health Insurance Portability and Accountability Act of 1996.
The HIPAA law makes it difficult for patients to view their own medical records since doctors and hospitals face stiff penalties for improper disclosure of information. Medical records become even harder to obtain if a person reports possible medical identity theft because now their information is mixed with that of another person.
Fraud victims also face possible injury or death if doctors make treatment decisions based on wrong information.
How much is a stolen medical ID worth to a thief? A feature article in the November 2006 Reader’s Digest by Max Alexander states:

“For some unfortunate victims, medical identity theft is the last straw; after crooks steal their wallet and max out the credit cards, they turn to the health insurance card for even more freebies. "An insurance card is like a Visa card with a $1 million spending limit," says Byron Hollis, national anti-fraud director of the Blue Cross and Blue Shield Association. “
The middle man who is selling the manufactured or stolen medical insurance cards may be charging $50.00 - $100 for the card, a small price compared to the cost of healthcare. And the theft may go undetected, especially if an address change is also done on the first visit. The person obtaining the raw information; name, address, social, birth date and insurance subscriber number could receive $10 or $15 for each set of patient information.
Legislation in the form of FACTA, HIPAA, and GLB dictate that all businesses take certain steps to protect this non-public information and protect the organization from the legal consequences of lost data. Along with additional training specifically directed toward the prevention of ID theft, offering your employees continuous credit monitoring and ID Theft restoration as an employee benefit is another step toward compliance. By doing so, less private information may be unknowingly or intentionally leaked to potential thieves by your employees because of heightened awareness and security of information.
Action steps: To protect the patient, greater attention to verification of a patient’s true identity before medical services are performed is recommended. To protect the healthcare organization, block display of all numbers in the social except the last 4 digits. Ask a patient for a photo ID and insurance card if they have it. Determine which departments really need to see address, age, birth date, social security number and insurance subscriber numbers on their computer screen or on paper documents. By focusing on ID Theft awareness training for all employees and making additional changes to your information security policy, you may reduce the liability to your healthcare organization. By offering continuous monitoring for the employees you reduce the liability to your employees and their families.

No comments: