A new article from the American Health Information Management Association highlights best practices for medical identity theft and fraud prevention.
Medical identity theft inflicts financial harm on patients, providers and insures, and it also corrupts records with erroneous information that can lead to incorrect diagnosis and treatment.
According to AHIMA, medical identity theft usually happens in one of two ways. One is consensual: An individual may knowingly share his or her identifying information with a friend or family member in order to allow that person to obtain medical goods or services. According to a 2013 study by the Ponemon Institute, 30 percent of medical identity theft victims reported having shared their information with someone they knew.
The other type of medical identity theft is perpetrated by someone unknown to the victim, including insiders in the healthcare industry, according to the article.
To help prevent medical identity fraud, the article offers the following recommendations to healthcare providers.
• Build awareness of medical identity theft as a quality-of-care issue within your organization.
• Implement an identity theft response program with clear written policies and procedures for investigating a patient record that has been flagged
• Make patients aware of medical identity theft, which includes using someone else's medical ID or sharing theirs, and the potential consequences.
• Deploy technical fraud prevention measures such as anomaly detection and data flagging, supported by appropriate policies and processes so all flagged records are investigated.
• Offer patients who believe they may be victims of identity theft a free copy of the relevant portions of their records to review for signs of fraud.
• When an investigation reveals a record has been corrupted by medical identity theft use a procedure appropriate for the circumstances to correct the issue, such as removing the thief's information from the victim's record and placing it in a separate "medical identity theft file," or leaving the thief's information in the victim's record but flagging it as not belonging to the victim.
More Articles on Protected Health Information:
Healthcare Scores Present Growing Privacy Risks, Study Finds
GAO: Federal Agencies Need to Enhance Responses to Data Breaches
5 Ways to Improve Hospital Data Security