Senators question HHS on efforts to curb medical identity theft

Four senators are asking the Department of Health and Human Services what it's doing to prevent data breaches at provider and payer organizations.

In a letter to Andy Slavitt, acting administrator for the Centers for Medicare & Medicaid Services, and Jocelyn Samuels, director of the HHS Office for Civil Rights, the senators point to five major breaches in the past year--Anthem, Premera, Carefirst, Excellus and UCLA Health--that have affected up to 105 million people.

The danger of medical identity theft increases with the proliferation of breaches, they note. The authors include Lamar Alexander, chairman of the Senate Committee on Health, Education, Labor and Pensions (HELP); Patty Murray, ranking member of the HELP committee; Orin Hatch, chairman of the Senate Finance Committee; and Ron Wyden, the finance committee's ranking member.

They pose a series of questions they want answered by Nov. 24, including:

  • What services does CMS provide to Medicare and Medicaid beneficiaries who suspect they are victims of medical identity theft?
  • Do OCR and CMS track reported cases of medical identity theft?
  • Explain the effect of recent breaches on Medicare and Medicaid programs.
  • Does HHS track the financial and medical impact of identity theft on victims?

The Senate Committee on Aging heard expert testimony in October on the identity theft risks among Medicare beneficiaries.

Healthcare organizations are spending more on software to detect and mitigate fraud, while placing greater emphasis on personnel, according to a survey by the Medical Identity Fraud Alliance. However, the industry stands to lose $305 billion in cumulative lifetime revenue due to cyberattacks, an Accenture report stated recently.

To learn more:
- here's the letter (.pdf)