More than half of medical identity theft is "friendly fraud," where an uninsured person uses a friend or relative's insurance identification card to access healthcare services, according to United Credit Service, Inc.
"There are so many opportunities out there to defraud people," Dennis Jay, executive director of the Coalition Against Insurance Fraud told UCS. "You're dealing with populations that are new to insurance and don't understand the dangers of selling a Medicaid number or sharing a health ID number."
But medical identity theft and the fraudulent claims that follow it are costly and dangerous. An incorrect diagnosis, allergy or blood type noted in a medical record can lead to inappropriate or even life-threatening care. Clearing up a record corrupted by commingled information costs victims an average of $19,000, the article noted. And provider efforts to comply with Health Insurance Accountability and Portability Act (HIPAA) requirements have foiled patients' attempts to set their records straight. Some providers have refused to let patients access their medical records since information they contain belongs to thieves, the ABA Journal reported.
Insurers aren't making information security a high enough priority, cybersecurity expert Larry Ponemon told Fortune. If members report a lost identification card, for example, many payers reissue the card with the same subscriber number, Ponemon said, whereas a credit card company would create a new card with a new number.
"The insurance industry could do a better job to make sure the credential is state-of-the-art, that it isn't just a piece of plastic but has information about you…" Ponemon said. That information could include biometric indicators to verify identity. Some states have implemented this technology by using smart cards in their Medicaid programs, as FierceHealthPayer: Anti-Fraud previously reported.
A Ponemon Institute study found that medical identity theft grew 19 percent between 2012 and 2013, and the Identity Theft Resource Center noted that medical record breaches made up 43.8 percent of all breaches reported to the federal government last year, the ABA added.