Medical Identity Theft More Prevalent Than You Think

“Medical identity theft occurs when someone uses a person's name and sometimes other parts of their identity—such as insurance information—without the person's knowledge or consent to obtain medical services or goods, or uses the person’s identity information to make false claims for medical services or goods. Medical identity theft frequently results in erroneous entries being put into existing medical records, and can involve the creation of fictitious medical records in the victim’s name.” - World Privacy Forum

Aside from the obvious annoyance factor, the financial implications of such an act can causes years’ worth of blemished records on your credit report, and overall consumer history.

A personal anecdote was shared on MSN the other day, in which a family’s newborn son was wrongfully charged for an OxyContin prescription. After doing some digging, the mother came to discover that she had been the victim of medical identity theft. Fortunately, she caught the charge early enough to have it waived by her insurance company, and the perpetrator identified, however most related crimes do not have such a happy ending.

What’s perhaps even scarier is the prevalence of organized crime rings, often due to corrupt healthcare workers that get rich using a person's medical information to file false claims with insurance companies. “Criminals even set up fake clinics, or buy real ones as a cover. Victims may not know it's happened until they are denied coverage for a pre-existing medical condition that they don't have," WebMD writer R. Morgan Griffin reported.

According to a recent survey by the Federal Trade Commission (FTC), 3 percent of US identity-crime victims had someone use their personal information to obtain medical services or to profit from filing false claims in their name, translating to nearly 250,000 Americans victims each year. FTC numbers suggest that medical identity crimes may cost the US economy $468 million per year.

The World Privacy Forum provides some best practices in aiding victims of identity theft:

• National level procedures

• Red flag alerts

• John or Jane Doe file extraction

• Dedicated, trained personnel available

• Focus on the right approach: Insider, not outsider

• Risk assessments specifically for medical identity theft

• Training materials and education for the healthcare sector

• Education for patients and victims

Thirty-nine states have laws requiring companies to alert you when a security breach compromises your personal information, but not all of the laws specifically protect medical information. A California law that took effect in January took that step, and other states may follow. But lawmakers have made very little progress toward fixing federal laws so that they protect a victim’s right to clear corrupted medical records.

The future of medical identity theft is somewhat bleak; however the double-edged sword is that its abundance is leading to increased awareness and security measures. The best thing you can do for yourself, your family, and particularly your patients is to encourage them to be educated on the issue. Regaining control of your identity can become a tedious, if not, impossible task, and is not to be taken lightly.