•  QuickStart
• Recent Activity
• SideBar 

Billing Press
PatientScheduling
EMR & SOAP Notes
Coding & Billing
Compliance & Audit
Chiropractic Billing
Nephrology Billing
Physical Therapy Billing
Books

Seminar
Audit Risk

Performance Index
Chiropractic Billing

Get Email Updates

Outsourcing
Outsourcing Dilemma
Selection Criteria - Needs
Selection Criteria - Comparison
Zero-Sum Game Argument
Outsourced Billing - Objectives
Outsourced Billing - Costs
Technology Risk Management
Technology Architecture

Advanced Billing Concepts
Performance Metrics
Straight Through Billing
Centralized Workflow Management
Eligibility Testing
OLAP for Lost Revenue Discovery
Preferential Patient Scheduling

Compliance
Audit Risk Management
Post Payment Audit
AuditDefense
ComplianceGuidelines

Patient Billing Terms
PatientBillingTerms

How to contribute
Disclaimer

Article - August 4, 2008 - Atlantic Information Services, Inc.

New Privacy Risk: Patients Who Assume Someone Else's Identity to Obtain Treatment

A new gray cloud has arrived on the privacy officer's skyline and it promises to be as vexing as figuring out the privacy rule was back in 2002: patients who assume the identity of another person in order to receive medical care.

Nationally, estimates are that close to a quarter million people are victims of medical identity fraud each year. From figuring out who the victim is, to ensuring you don't violate the privacy rule in the process, to correcting the medical record when all the information didn't originate with you, to referring the case to authorities, to making good on money you might have not been entitled to, medical identify theft can be a privacy officer's nightmare.

This problem has come to light in the last couple of years, and so far there are no standard "best practices" for dealing with it. But some may be on the horizon, since the issue has grabbed a lot of attention lately. There is a new national project on the issue, and there was a recent press conference sponsored by insurers working on this as well.

To learn strategies you can put in place now, RPP interviewed the compliance leader of one Tennessee system that has already tackled this problem. Her approach will be discussed later in this article.

In May, the HHS Office of the National Coordinator for Health Information Technology, awarded approximately $450,000 to the consulting firm of Booz Allen Hamilton to conduct the first two parts of a project to "assess and evaluate the scope of the medical identity theft problem in the U.S," according to HHS. As part of its work, Booz Allen will hold at least one, if not two or three, town hall meetings in October. The final part of the project, which has not yet been contracted out, involves "a final report and roadmap, summarizing key issues and possible next steps."

"One of the things that people are going to be grappling with is how to negotiate HIPAA when they discover inaccurate information in their medical records, and there is a great need to educate people about how they can weave their way through the HIPAA swamp in order to have information changed, or at least have a notice of inaccuracies added to their medical record," said Jim Quiggle, spokesman for the Coalition Against Insurance Fraud. "This is one of the most critical issues right now in terms of getting consumers to have their medical records changed and at least made accurate."

The Blue Cross and Blue Shield Association held a press conference in Washington, D.C., on June 19, with several speakers, to call attention to medical identity theft and demonstrate the extent of the problem, although the association does not collect fraud statistics in this specific category.

Michael Brandt, senior manager for special investigations for Blue Shield of California, noted at the press conference that sometimes the patient is a friend or relative of the person whose identity is compromised. In California, where 25% of the population is uninsured, family members are sharing insurance cards and obtaining care to which they are not entitled, he said.

An 'Inside' Job?

The speakers said sometimes the schemes are quite elaborate. Individuals have recruited homeless people and paid them for their Social Security numbers and birth dates, which were later used to fraudulently bill for services under their names. In other cases, criminals have gone into nursing homes and, on the guise of offering to send birthday cards to the residents, have been given their birth dates. One fraud ring even had software to print fake insurance cards and driver's licenses, they said. Hospitals and other health care providers give services to these fraudsters, never knowing they are not the real person.

"We have had cases where people have checked into hospitals, had services, medical services for either child delivery or even heart surgery, and then the patient left three days afterwards and we had no idea who that person was, but they had assumed somebody else's identity and had fled," Brandt said.

Full story

 Create your own educational wiki!Help Add to Del.ici.ous Add to Digg Add to Reddit Add to fUrl Add to Spurl Privacy Policy RSS