Medical identity theft protections to take effect next month

About 250,000 times per year, a thief uses someone else's personal identity information--such as their name, Social Security number and date of birth--to bill medical services to an unsuspecting stranger, according to the Federal Trade Commission. While that's only about 1.3 percent to 3 percent of all identity theft crimes, this is a growing phenomenon which the agency is attempting to nip in the bud with a new set of regulations known as Red Flags Rules.

The Reg Flags Rules, which actually went into effect November 1, 2008 but only imposes penalties as of August 1, will require physicians' offices and hospitals, along with some other businesses, to create procedures to spot some classic "red flags" for identity theft, such as signs of fake or altered IDs, telltale inconsistencies in medical records or fraud alerts from consumer credit reporting agencies.

Doctors will also be required to set up procedures for detecting signs of bogus IDs or other warning signs, but also create policies for how they'll handle problems, such as alerting victims and holding off on billing for services.

The theory behind making doctors participate in this rule, the FTC says, is that doctors essentially extend credit by allowing people to pay their bills on time, which puts them in the same boat as lawyers, utility companies or auto dealers that take payment plans. The AMA vigorously contests this notion, however, and says that the new rules are likely to impose a big administrative burden on physicians' offices.

To learn more about the Red Flags Rules:
- read this Kaiser Health News piece

Related Articles:
FTC cracks down on medical identity theft
Trend: Identity thieves get better at stealing medical records
The growing problem of medical identity theft