Preventing Medical Identity Theft

Medical Identity Theft

Medical identity theft is when an individual uses someone else’s name or health insurance number for medical reasons including visiting a doctor, getting prescription drugs, filing claims with another person’s insurance provider or receiving other types of medical care. Medical identity theft is a serious issue because the thief’s medical history and treatment gets mixed in with the wrong person, it may result in payments and fees for the affected individual and may even affect a person’s credit report. The best way to protect against this type of theft is to check medical records and correct any discrepancies.

How to Detect

Detecting medical identity theft requires that individuals read through their medical and insurance statements on a regular basis. Typically, medical statements are sent after treatment has been received, and people should always verify the name, provider, date of service and what type of service was rendered to ensure no one else is using their name or health insurance to receive medical care. Any time there is a discrepancy, consumers should call their health care provider and report the problem as soon as possible. There are other warning signs of medical identity theft that individuals should be attentive to including a bill for a medical service the person in question did not receive or a call from a debt collector for a medical bill an individual should not owe. Other warning signs include a notice from a health plan that a person has reached the limit of their benefits for the year when they believe they haven’t or even a denial from an insurance company for a condition a person does not have. Checking a credit report or using a top rated credit monitoring service is another way to protect against medical identity theft; for example, medical collection notices usually appear on a person’s credit report and it’s important to check for articles consumers don’t recognize. It’s always best to double check on a discrepancy because the key to fixing this type of fraud is often acting quickly.

How to Correct

Step 1: Obtain Records

If a person believes they have been a victim of medical identity theft, they should immediately request copies of their medical records. Under federal law, consumers have the right to request this information; however, obtaining copies sometimes requires payment. Occasionally, a provider might refuse to give a person this information because they are concerned with violating privacy rights. In this situation, a consumer must submit their request in writing and allow 30 days to pass. If their request hasn’t been meant within that time frame, individuals may complain to the U.S. Department of Health and Human Services’ Office for Civil Rights. Once records have been obtained, individuals should check for errors and contact each facility where the thief may have used their information including doctor offices, clinics, hospitals, pharmacies and their healthcare insurance provider to report the theft. It’s crucial that victims of medical identity theft keep a written record of all correspondence with medical providers and insurance companies including copies of mail and emails received as well as the name of individuals spoken to, date and time and the context of all phone conversations.

Step 2: Request Accounting of Disclosures

All health plans and medical providers are required to provide consumers with a copy of accounting of disclosures once a year that is free of charge. This record will include the details of medical information a provider has sent and where that information was sent to. Individuals should request this document from all of their medical providers and their health insurance company if they believe they have been a victim of medical identity theft. This record will show who has copies of wrong information and the details of who to contact to correct this information.

Step 3: Correct Errors

Finally, consumers will need to contact all medical providers and their insurance company to explain the theft and request errors be corrected. It’s a good idea to include a copy of the medical record with discrepancies and highlight disputed items. Individuals should keep all original documents. They should also send these requests through certified mail with a return receipt to keep a record of when these requests were received, and stapling these receipts to the copies of letters and documents that were sent is a good idea. A consumer’s health plan and medical provider is responsible for fixing these errors and informing anyone else they sent the wrong information to. If they refuse, individuals should ask them to include a statement of their reported dispute in their medical record. They will also need to file a police report or an identity theft report with the Federal Trade Commission regarding the fraud. Additionally, a thief who uses another person’s information for medical care may have used their information in other occasions. In this situation, it’s important to contact the three credit reporting companies Experian, TransUnion and Equifax and send copies of their identity theft report or their police report regarding the matter. Individuals may want to consider placing a fraud alert or a security freeze on their credit to prevent other types of identity theft.

Protecting Information

There are ways to protect against medical identity theft; for instance, individuals should be wary of anyone who calls and requests their health plan ID number especially if they are offering free health services or products. Identity thieves often try to trick individuals by pretending to work for health care providers. It’s best not to share this information over the phone or through email. If this type of information must be shared, individuals should tell the person calling or emailing that they will call the health care provider’s home office number to provide the information. In addition, consumers should shred all copies of their medical information including health insurance forms, prescription copies and physician statements to assure this information can’t be stolen. Furthermore, prior to sharing information such as an insurance account number or Social Security number on a website, it’s best to read a website’s privacy policy and ensure they use SSL-encription by checking a browser’s status bar for a lock icon or an s next to the site’s URL.