With healthcare organizations failing to adequately safeguard the privacy and security of patient information, 36 percent of surveyed healthcare executives say patients sought services using somebody else's name and identification. Hospitals and health systems must confirm patient identity to prevent fraud from happening, according to consulting firm PricewaterhouseCoopers (PwC).
PwC recommends giving all employees privacy training so they know when and how to appropriately access patient information, reports American Medical News. Employees can learn to identify imposters by asking patients questions about information included in their patient files that they should already know, such as age or a previous illness.
In addition, healthcare organizations can use biometrics, such as fingerprint or eye scanners, to verify patient identity. But even simply asking for identification at every patient visit can effectively prevent medical identity theft, notes PwC.
However, many organizations feel uneasy about asking for patient ID, afraid of breaching confidentiality or offending someone, according to amednews. So PwC recommends making patient privacy part of the consumer experience and hospital brand.
Going forward, hospitals should be wary of two types of medical identity thieves. They must guard against willing or sympathetic "victims" who let somebody use their identity so that person may get needed medical care, as well as unwilling victims of medical ID theft who are often the target of an insider stealing patient information to help someone they know, notes amednews.
For more:
- read the American Medical News article
- here's the PwC report (reg. required)