Medical
identity theft can kill you | | |
| Victims find it difficult not only to uncover
the fraud, but also to get their health care and insurance records corrected.
As a result, victims with inaccurate claims on their insurance may bump up against
lifetime care insurance caps and find it more difficult or impossible to get future
medical, life, long-term care and supplemental insurance.
How it happens
A 2006 report
published by the World Privacy Forum found that most medical identity theft begins
at health care providers' offices, where insiders -- usually employees -- are
paid by criminals or criminal organizations to obtain medical identification information
in bulk. "Our research found that there is a huge black market
for medical records. Police tell us such records go for $50 each on the street,
compared to Social Security numbers that go for a dollar or two," Dixon says. The
stolen records are sold to individuals without insurance who are in need of elective
surgeries or other expensive treatments. "As more people are
not getting the health care they need, we're seeing an increasing incidence of
medical identity fraud," says Norbert Kugele, an attorney specializing in health
privacy laws with Warner, Norcross and Judd in Grand Rapids, Mich. "Someone will
show up at a hospital with someone else's insurance information and will seek
treatment under their name." In many cases, the thief will
take steps to prevent detection, including changing the address where insurance
and hospital information is sent. This is one reason why it takes victims so long
to discover the fraud. If they aren't getting their insurance statements or seeking
medical treatment, they are usually in the dark. A
growing threat
While most consumers are familiar with financial identity
theft, not as many are aware of medical identity theft, according to a survey
published in December by EpicTide, a provider of security systems for the health
care industry. The survey also revealed that consumers are unfamiliar with the
potential consequences of medical identity theft and have a limited understanding
of health privacy laws. Hospitals, insurance companies and
even the federal government are pushing for wide adoption of electronic health
care records that would be available to health care providers across the country.
However, a 2006 PriceWaterhouseCoopers study, "The Global
State of Security," reveals that data security isn't a high priority at health
care facilities in the United States and around the world. Only 48 percent of
the nearly 8,000 health care executives surveyed reported that their facility
encrypted data before transmission and only 37 percent have an information security
strategy. This lack of data security is potentially disastrous
if a national electronic medical database is created, says Dixon. If
hospitals and doctors all over the country are interconnected, the potential for
medical errors and even deaths resulting from medical identity theft rises exponentially,
she adds. Such a database may actually result in an increase in medical identity
theft as criminals who already know how to access various systems gain access
to data on a national scale. The World Privacy Forum estimates
that as many as 250,000 to 500,000 consumers have been victims of medical identity
theft as of mid-2006. But some doubt that medical identity theft is that widespread.
Jim Harper, author of "Identity Crisis: How Identification
is Overused and Misunderstood," labels medical identity theft as a "marginal risk"
along with others such as being hit by lightening or becoming the victim of a
terrorist attack. | 
