FTC cracks down on medical identity theft

The FTC plans to issue a new consumer protection rule that will take on the issue of medical identity theft, a growing concern now that identity thieves have recognized that medical records are rich sources of financial information that can be used to obtain credit with someone else's history. Alternate forms of medical identity theft, in which patients impersonate someone for the purpose of transferring their bill to that person, are also on the rise.

The FTC's Red Flag and Address Discrepancy Rule is written to address a wide range of financial institutions a creditors--including healthcare organizations--and requires such organizations to address identity theft risks and develop a mitigation plan. Healthcare providers, who are addressed expressly in the Red Flag Rules Guidelines, are required to identify "red flags" that help them determine when medical identity theft may be occurring, detect when a red flag event takes place, respond appropriately and update their red flag program periodically to reflect changes in potential risks.

While the FTC isn't requiring any specific red flags for healthcare providers, the World Privacy Forum has provided a detailed list of suggestions for such triggers for investigation, including a dispute of a bill by a patient who claims to be the victim of identity theft; patient's having gotten a bill for another individual or a bill for a product or service they deny receiving; records showing medical treatment that is inconsistent with a physical exam or medical history reported by the patient; a patient or insurance company report that coverage for a legitimate hospital stay is denied because insurance benefits have been depleted or a lifetime cap has been reached.

To learn more about this regulation:
- read this World Privacy Forum report (.PDF)

Related Articles:
Trend: Identity thieves get better at stealing medical records
The growing problem of medical identity theft
NY hospital worker charged with massive file theft
California expands health data breach rules

Suggested Articles

A new report shows that Medicaid managed care can save significantly more on drugs on than traditional Medicaid. Here's highlights from the analysis.

A healthcare non-profit wants to build a “moonshot factory” to bring data science and precision health to remote villages in the developing world.

Bernie Sanders' crushing win in Nevada led to stocks for payers and providers taking a tumble on Wall Street.