Copyright 2009 Financial IQ, LLC. All Rights Reserved
Medical Identity Theft: Expert Interview Page 2
Medical Identity Theft
News, Information, and Advice About Medical Identity Theft
Medical Identity Theft: Expert Interview Page 2
Exclusive Medical Identity Theft Interview Continued:
- Continued - Question 3: What potential problems do medical electronic records pose and how can people protect themselves from this technology?
Siciliano: Public records in regards to mortgages, UCC filings, birth certificates etc have cause lots of problems with financial identity theft. The availability of medical electronic records could result in as many problems, or not depending on the means of access and the kind of availability to who and why.
Goodman: As with any use of technology, there are advantages and disadvantages. While electronic health records have the potential to streamline medical services by allowing instant access to medical data by providers and allowing more data to be stored at lower costs, there are obvious downsides. Unlike traditional medical records, which can take up entire storage rooms, electronic health records are easy to move. They can be stored on laptops, PDAs, thumb drives or portable hard-drives. This means that there is very little effort entailed in moving or copying files. So, by their nature confidential medical files can be copied, lost or stolen with far greater ease than their hard-copy counterparts. Again, protection, at least by the consumer, of electronic medical records are illusory at best. There are very few regulations that provide for consumer redress or access. The best a consumer/patient can do if they find out a medical provider is using electronic health records is to inquire into the types of safeguards that the hospital or provider is using and choose the provider based on the safeguards.
Pollack: As with the collection of all types of personal information in electronic form, there are numerous risks that exist for the improper or inadvertent transfer or exposure of the information to unauthorized parties. Medical information is additionally problematic, because much of its “value” to the patient is making it broadly and easily available to their medical care providers. One of the most significant risks is that medical information that does not belong to an individual can be added to their “medical identity” creating the risk that a medical provider will rely on inaccurate information in choosing appropriate treatment.
McCartney: Health IT can do one of two things - and it is not yet determined which it will be. Health IT will either accelerate Medical ID Theft or help prevent it. The key will not be in the technology itself, but in the business rules and governance that guide its use. This will greatly depend on what comes out of CMS's OCR this year. Unfortunately the success of programs is almost always in the details, not the big picture. This is the thing that is often missed by advocacy groups. In many cases, these groups would rather see things limp along with no improvement rather than come to the table to ensure that the solutions that could help (and could hurt) are done right.
Naito: As protected health record is going to be managed more and more in electronic manner, risks are that they can be accessed by unauthorized persons more easily and information can be stolen depending on the security measurement that healthcare organizations employ. There are government regulations to protect the security and privacy of patients information, such as HIPAA, which mandates to have minimum of 2 forms of authentication for healthcare provide to access the protected health record. Red Flag Rule under the Fair and Accurate Credit Transactions Act requires all credit holders - such as hospitals - to have identity theft prevention measurement. Biometric technology is strongly recommended by both regulations. In order to protect yourself against the information theft and misuse of your own private information, patients will have to play active role in making sure that there is no misrepresentation of your heath in your own record. They could request a copy of the record annually. They could also keep their own numbers safe, check statement from your insurance company to make sure that date and service received ring a bell to you.
Siciliano: Expect it. I'd suggest budgeting 10%.
Goodman: It is difficult to say since the true nature and extent of medical identity theft is still unknown. In 2006 the Federal trade Commission suggested that there were approximately 250,000 cases of medical identity theft. However, this number was almost universally acknowledged as merely the tip of the iceberg. It was further recognized that the true extent of the problem was unknown due to a lack of recognition of the problem by medical providers and even the victims of medical identity theft themselves.
Pollack: No doubt there are already substantial costs built into the system today that deal with medical identity theft. It is likely that insurance fraud and the fraudulent acquisition of medical services from providers will continue to raise the overall cost structure of the healthcare system and that these costs over time will be borne by all of us.
McCartney: This is a great question, but one that is more likely to be based on medical care rather than Medical IDT. Although Healthcare fraud is HUGE, Medical IDT is far smaller (and hard to get real numbers for). Medical IDT is less of a player than the other factors in the cost. Healthcare fraud, however, could exact a significant cost to employers if not controlled. This is where how these initiatives are implemented plays big. They can help or hinder.
Naito: Healthcare organization is responsible to have security measurement to protect privacy of patients as well as their identification information. By failing to comply to regulations that address these, they are liable for potential low suits, and uncollectible medical fee caused by the identity theft.
Tip #2: Get Or Update Your Anti-Spy or Anti-Theft Software Immediately Your computer contains massive amounts of personal information about you. Everything from passwords, emails, and account numbers make you completely vulnerable to hackers without up to date anti-virus and anti-spy software. Don’t rely on free or trial versions because if you let them expire or don’t update them, you’ll be paying a lot more than the $50 to $100 it costs for a good subscription program. One virus or hack could easily cost you thousands. Just do it right the first time and save yourself the aggravation and expense. Read The Entire Article
We'll say it again: According to the Federal Trade Commission "Victims spend on average $1,200 in out-of-pocket expenses and an average of 175 hours in your efforts to resolve the many problems caused by identity thieves."