Expert testimony before the Senate Committee on Aging last week outlined how identity theft can lead to multi-million dollar fraud schemes--and the preventive measures that can protect personal health information.
The hearing, led by Sen. Susan Collins (R-Maine), targeted the longstanding issue of removing Social Security numbers on Medicare beneficiary cards.
In April, President Obama signed a law prohibiting Social Security numbers from appearing on Medicare cards. When asked in March for an update on its compliance with the new law, CMS indicated it would take four years to complete the transition, after previously estimating it would take two to three years.
"In other words, CMS has actually lengthened its estimate of the time needed to solve this problem first identified by the GAO 11 years ago," Collins said in opening remarks.
Witnesses included representatives from the Office of Inspector General (OIG), the Centers for Medicare & Medicaid Services (CMS), the Electronic Privacy Information Center (EPIC) and the Senior Medicare Patrol program.
Sean Cavanaugh, deputy administrator and director at the Center for Medicare at CMS testified that the agency is in the process of switching Social Security numbers to a Medicare Beneficiary Identifier (MBI), a "complex, multi-year effort" that requires "an extensive outreach and education program for Medicare beneficiaries, providers and other stakeholders."
Meanwhile, Cavanaugh pointed to efforts that CMS has taken to prevent fraud schemes that emerge from identity theft by redesigning Medicare Summary Notices so that beneficiaries can easily identify instances of fraud.
Gary Cantrell, deputy inspector general for investigations at the OIG highlighted how medical identity theft is perpetrated by criminal enterprises, providers and healthcare company owners. Cantrell said that the OIG is focusing its efforts to reduce fraud by utilizing data analytics, Medicare Fraud Strike Force teams, external partnership and consumer education, but noted that removing Social Security numbers would be an "important first step in protecting Medicare beneficiaries' sensitive information."
Betty Balderston, statewide coordinator for the Maine Senior Medicare Patrol echoed those sentiments, adding that Senior Medicare Patrols have uncovered numerous scams targeting elderly patients.
Marc Rotenberg, president of EPIC, said that healthcare data breaches have already put consumers at an increased risk for medical identity theft, and including Social Security numbers on Medicare cards only intensifies that risk. Rotenberg emphasized recent efforts from the Department of Defense and the Department of Veterans Affairs that have successfully removed Social Security numbers from identification cards.
A study earlier this year showed medical identity theft increased 22 percent since 2013 and was more costly and complicated to resolve compared to credit card fraud. Data breaches, such as the Anthem hack that exposed information of approximately 80 million people, have emerged as conduit to medical identity theft that can lead to multiple fraud schemes.
- here's the Senate Committee on Aging hearing
- read the CMS testimony
- see the OIG's testimony
- here's testimony from the Senior Medicare Patrol
- read testimony from the president of EPIC
Medicare cards to stop displaying Social Security numbers in effort to curb ID theft
Anthem hack opens multiple inroads to healthcare fraud
Anthem hack compromises info for 80 million customers
Study: Medical identity theft increased 22 percent since 2013
Controlling medical identity theft and fraud
CMS: Healthcare reform powers fraud prevention