When scam artists steal insurance cards, Social Security numbers and provider IDs to gain illegal treatments, access drugs or sell information to black market, it can compromise patient safety and ruin providers' finances.
As the fastest growing type of identity theft in the world, medical identity theft strikes more than 5,300 physicians who say they are victims, according to a federal database, American Medical News reported.
On average, it costs more than $22,000 and takes more than a year to resolve medical ID theft, according to a Ponemon Institute report.
Providers might end up owing not only Medicare, but if they don't pay up, also tax liability when the Department of Treasury comes knocking for collections, according to the Centers for Medicare and Medicaid Services.
Even more, medical ID theft at provider organizations could be considered a violation the HIPAA Security Rule and result in hefty civil monetary penalties, costing hundreds of thousands of dollars or worse, criminal sanctions, Kenneth Rashbaum, attorney and principal of Rashbaum Associates in New York City, told Eli Healthcare. "No hospital wants to be in the news for a criminal prosecution of an employee."
In addition to provider ID theft, patient ID theft poses dangers in terms of safety. Physicians who see someone else's medical record could offer improper treatment. However, with health information exchanges making headway, such incidents will be harder for criminals to pull off, amednews noted.
CMS last year launched the Provider Victim Validation/Remediation Initiative to offer legitimate providers assistance in what historically is a tough task in exonerating themselves. CMS, Program Safeguard Contractors and Zone Program Integrity Contractors established points of contact across the country if providers suffered from identity theft and financial liability. Providers who believe they are victims of Medicare identity theft but not financial liability can reach out to Medicare Administrative Contractors or the Office of Inspector General, CMS explained.
For more information:
- see the amednews article
- read the Eli Healthcare article (registration required)
- check out the CMS Provider Victim Validation/Remediation Initiative (.pdf)
5 ways to survive a hospital data breach
Medicare IDs risk patient info
Smart card plan proposed to combat Medicare fraud
CMS aims to stop provider identity theft
Avoid doc ID theft with secure National Provider Identifiers
Providers: Guard against medical identity theft