The health care industry is not exempt from the consequences of identity theft. Medical identity theft occurs when someone presents someone else's name or insurance information for the purpose of receiving health care.
According to the Federal Trade Commission (FTC), close to 5% of incidents involving identity theft are in the form of medical identity theft. The damages of medical identity theft can be devastating to both the victim and the health care provider.
Victims of medical identity theft can find themselves left with incorrect information in their medical record and expenses they never incurred. Health care providers may be left with a large amount of unpaid bills.
On August 1, 2009, the FTC began to enforce a the Red Flags Rule requiring businesses including health care providers to develop a program to spot the "red flags" of identity theft. Under the Red Flags Rule, organizations are required to develop a process to identify, detect, and prevent identity theft. The FTC also advises organizations to keep their Red Flags program current.
When implementing your program, keep these in mind.
- Identify: Be alert for suspicious documents or personal identifying information that appear to be altered or are inconsistent when compared to other information provided by the customer.
- Detect: Obtain and verify identification when making changes to account information.
- Prevent: When the risk of identity theft is suspected, take steps to prevent further incident.
- Update: Periodically evaluate your program and make necessary changes.