TRENDING:

Safe & Sound with Marianne Kolbasuk McGee

Preventing Medical ID Theft

The Role That Consumers Can Play Marianne Kolbasuk McGee (HealthInfoSec) • September 12, 2013    

Medical ID theft, which is rapidly growing in the U.S., can be prevented by improving awareness of the threat among consumers and boosting detection by healthcare organizations, according to a new report from the Ponemon Institute.

See Also: The Cybersecurity Swiss Army Knife for Info Guardians: ISO/IEC 27001

New research, conducted by Ponemon and sponsored by the new Medical Identity Fraud Alliance, estimates that 1.84 million U.S. consumers at some point in time have been victims of medical ID fraud. That's up about 20 percent since last year's survey, says Larry Ponemon, chairman and founder of the institute.

Ponemon conducted its fourth annual survey that identified 788 adults who reported they or a close relative were victims of medical ID theft. It then used the results to help make estimates of national statistics.

Medical ID theft likely has resulted in $12 billion in-out-of-pocket expenses for U.S. consumers, Ponemon estimates. Those costs include reimbursements to healthcare providers to pay for care services given to imposters, as well as credit report monitoring and legal fees.

Engaging Consumers

To tackle the ID theft problem, MIFA - which is officially launching its efforts with the release of the new study - is aiming to kick-start better consumer awareness (see: Medical ID Fraud Alliance Launched).

That includes making consumers aware of the risks involved when they allow another person - often an uninsured family member or friend - to use their medical ID in order to obtain healthcare services, according to Ponemon. About 30 percent of medical ID theft victims shared their medical ID with the person who used the credentials, according to the survey. Another 28 percent of victims say a family member took their medical ID without permission.

Consumers need to understand that financial costs aren't the only consequence of medical ID theft. The fraud can also open the door to dangerous health risks due to incorrect information being added to a patient's records, says Robin Slade, one of the consortium's coordination directors.

For instance, if an imposter patient receives penicillin under a false ID, that drug data could become part of the victim patient's medical record. A physician may not realize that the true patient is actually allergic to penicillin the next time an antibiotic is prescribed for that individual, Slade says.

MIFA also lists steps consumers should take to better protect their health information, including safeguarding medical IDs and paperwork, reporting lost or stolen ID cards, and reviewing explanation of benefits statements from insurers, annual lists of benefit requests and credit reports.

I'd urge all employers to highlight these suggestions to their staffs during health insurance open enrollment season, which is coming up soon at many companies.

Plus, insurers could help the anti-fraud effort by making explanation of benefit statements far easier for consumers to decipher so they can better understand all the charges listed and more easily identify items that look inappropriate. In particular, this would be helpful for elderly patients or individuals with chronic illnesses who receive lots of EOBs with lots of entries - some of which may be for fraudulent charges.

Steps for Healthcare Providers

In the coming months, MIFA will be developing best practices and suggestions for various technologies that can be deployed to help counter medical ID theft, Slade says.

In the meantime, healthcare providers should take two key steps, Slade says: Authenticate patient identity by asking for photo IDs in addition to medical insurance cards and monitor more closely the activities of insiders.

Slade adds, based on experience in the financial services industry, that dishonest employees are often "released for cause" from their jobs but not prosecuted for fraudulent behavior. As a result, those individuals often end up getting new jobs and then repeat the fraudulent activity, she says.

Some financial institutions have piloted a shared database of employees who have been let go from jobs due to fraudulent activity and who were not prosecuted, she says. Some employers use that early warning system before making hires. Such a model might also be useful to the healthcare sector, she says.

While the healthcare industry continues to look for better ways to tackle medical ID theft, getting consumers more involved is a step in the right direction.

What do you think? Share your suggestions about fighting medical ID fraud with us in the comment space below.



About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.