SlideShare a Scribd company logo

Medical Identity Theft Rise with EHR

ā€¢Download as DOCX, PDFā€¢
ā€¢
S
Sharon Nemecek

Medical Identity Theft has been on the rise.

Education
1 of 23
MEDICAL IDENTITY THEFT Has the transition to electronic health records by health care providers caused an increase in medical identity theft? MARCH 20, 2017 TECHNICAL REPORTING- BILL EBBESEN Sharon Nemecek
Memo of Transmittal: To: William Ebbesen From: Sharon Nemecek Date: March 6, 2017 Subject: Recommendation Report for the study on the rise of medical identity theft Enclosed is the report you requested on ā€œHas the transition to electronic health records by health care providers caused an increase in medical identity theft?ā€, for Technical Reporting class. This report covers how medical identity theft is done and why it is done, whether there has been a rise in medical identity theft, what measures medical facilities should take to prevent medical identity theft, and what measures patients should take to protect their medical identity. However, the report does not cover commercial identity theft or credit card fraud. The report includes information about reasons why thieves steal someoneā€™s medical identity and the ways they are able to do so. The report also goes into how transitioning to electronic health records has increased medical identity theft, and how this affects medical facilities and patients. This report analyzes ways people find out how their identity has been stolen and the types of medical identity theft. It also shows the increase in medical identity theft. In order to complete this report I was able to get much needed assistance from the Teaching and Learning center at Fox Valley Technical College. As a result, my paper included all the requirements needed to complete the assignment. I appreciate the confidence you have shown in me in assigning this project. Please contact me with any questions regarding the areas covered. My phone number is (920)733-9228 and my e- mail address is nemecek0613@fvtc.edu.
1 Table of Contents Executive Summary........................................................................................................................ 2 Introduction:.................................................................................................................................... 4 Background of Feasibility Issue:................................................................................................. 4 Purpose of the Report.................................................................................................................. 4 Scope of the Report..................................................................................................................... 4 Sources of the Report .................................................................................................................. 5 Discussion of Findings.................................................................................................................... 6 How is Medical Identity Theft Done and Why is it Done?......................................................... 6 Has There Been an Increase in Medical Identity Theft? ............................................................. 7 What measures are taken by medical facilities to prevent medical identity theft? ..................... 9 What measures should patients take to protect themselves from medical identity theft?......... 11 Factual Summary / Conclusions: .................................................................................................. 14 Recommendations:........................................................................................................................ 16 References..................................................................................................................................... 18
2 Executive Summary To determine if medical identity theft has been on the rise since the implementation of electronic health records, instructor Bill Ebbesen requested a study be done to determine if this is true. I researched information from several reliable sites which included scholarly journals, textbooks, internet, and videos to assess information about medical identity theft, and will present my findings and recommendations. Several reasons were stated in the documentation why thieves would steal someoneā€™s medical identity. One of the reasons was to receive medical care for themselves because they were not able to afford their own. They may want access to prescriptions for themselves or sell them to make money. Supplies can also be obtained and re-sold. Many times, the stealing of medical identity is for profit and the people who commit this crime are very good at accessing patient information by hacking into someoneā€™s medical records. All they need is some personal information about the patient such as a social security number. Employees who are careless with protecting electronic devices or not following guidelines could allow hackers access to their databases. Information can be hacked into and sold. To carry out this study, information was obtained from research reports from the Poneman Institute that noted a rise in medical identity theft after the push to go to electronic medical records. Todd Feinman, who is a security expert, was interviewed for an article for ā€œObesity Fitness & Wellness Weekā€. He felt that going to electronic health records has escalated medical identity theft. The Identity Theft Resource Center stated that medical identity theft has risen at a larger pace than other businesses. Since medical identity theft has escalated, medical facilities need to be proactive in protecting themselves and their patients. Several sites outlined ways that facilities can do this by protecting electronic devices and computers. Making sure all electronic devices and computers are locked and password protected, by verifying patientā€™s information when they come to their facility, doing a complete background check on new employees, and thoroughly training all employees to make sure they are knowledgeable about all guidelines, will help to prevent medical identity theft.
3 The study also determined that patients should be made aware of how medical identity theft could affect them. A patient can do things to help prevent this from happening to them. They should always check their bills to make sure an unusual charge is not showing, they should not share personal information especially over the phone, and insurance cards and other personal identification should be kept in a safe place. It is important for patients to go onto their account to look for discrepancies or ask for a copy of their medical records to verify everything is correct. Patients should also be aware that allowing someone they know to use their medical identity to receive service is a crime.
4 Introduction: To determine if medical identity theft has been increasing since the implementation of electronic health records, instructor Bill Ebbesen requested a feasibility report to address this issue. Background of Feasibility Issue: With the cost of medical care always rising, and with medical facilities transitioning to electronic health records, medical identity theft also has been on the rise. Transferring to electronic health records by medical facilities since the ā€œAmerican Recovery and Reinvestment Act of 2009ā€ and the ā€œAffordable Care Act in 2010ā€, there has been an increase in breaches electronically of patientsā€™ personal information. The stealing of medical identity and selling the information tends to be very profitable for thieves. A patientā€™s medical record contains a great deal of personal information including credit card numbers from health savings accounts. Employee errors are a big reason for medical identity theft. The main cause of medical identity theft is from hacking into a patientā€™s account. Medical identity theft has increased significantly in the last several years. Medical facilities need to put measures in place and have thorough training of all staff to help prevent patientsā€™ information from being stolen. Patients should also be made aware of what could happen, and the measures they need to take to protect themselves. Purpose of the Report Since all medical facilities will need to transfer to electronic health records, this has motivated thieves to find ways to access the information. The purpose of this proposal is to analyze why medical identity theft is being done and how it is being done. The goal is to set up a plan and have procedures in place to guard against medical identity theft. Scope of the Report This proposal describes how medical identity theft is done and why it is done. It also discusses the increase in medical identity theft and how it relates to the transition to electronic health records. The measures that facilities use to prevent medical identity theft is also addressed in this report as well as what patients can do to protect themselves. However, the report does not cover commercial identity theft or credit card fraud.
5 Sources of the Report The sources used for compiling this report included library based journals and articles. Internet magazine articles were also useful. I utilized two video sources as well. The majority of the information was gained from secondary sources. The reason these resources were used was because of the large amount of information available. I did not include first-hand opinions because I felt they could be biased.
6 Discussion of Findings How is Medical Identity Theft Done and Why is it Done? According to Kieke (2009), ā€œMedical identity theft is the inappropriate or unauthorized misrepresentation of individually identifiable health information for the purpose of obtaining access to property or services, which may result in long-lasting harm to an individual interacting with the health care continuumā€ (p. 51). Some reasons why someoneā€™s identity is stolen are: a person wants to receive health insurance benefits for themselves using another personā€™s information, an employee of a medical facility gets paid for selling the information, or by people who are trying to obtain drugs for themselves or to sell them for profit (Kieke, 2009). Harry B. Rhodes, who is director of Practice Leadership for the American Health Information Management Association (AHIMA), asserted that ā€œThese people are very quick about itā€ when he discussed medical information being stolen. He talks about how after the information is taken, a large amount of false claims are submitted using the identity of the person whoā€™s information was stolen. Many times, the medical identity information is sold (Kieke, 2009, p. 52). According to McNeal (2014), thieves who steal medical records are able to have entrance into all the patientā€™s pertinent information including access codes and safety questions that are on file. Gaining access to a social security number could allow the thieves to make costly purchases in the patientā€™s name. Criminals who hack into medical accounts are able to receive more money selling health insurance information than what is received from the sale of credit cards. It is not uncommon for thieves to obtain services for medical procedures, medical equipment, and prescriptions using someone elseā€™s identity (p. 20). Employees who do not follow correct procedures are one of the main reasons for medical identity theft. Three quarters of medical facilities have determined that the carelessness of employees is the reason their data is hacked. Human error is a big part of the problem. Electronic devices need to be secured and password protected. If someone is careless, a patientā€™s personal information could be accessed even though the security system for the network and computers is secure (McNeal, 2014).
7 Below figure 1 shows the main types of medical identity theft and the corresponding percentage per type. The percentage shows from 2007 through 2014, but for ā€œemployee negligenceā€, the data was only compiled for years from 2012 through 2014 (Identity Theft Resource Center, 2015). Types ofMedical Identity Breaches % from 2007-2014 Hacking 21.7% Data on the Move 15.9% InsiderTheft 12% Accidental Exposure 12% Subcontractor/ Third Party 11.2% Employee Negligence 9.5 ( for yearsfrom 2012-2014) Figure 1 (Identity Theft Resource Center, 2015) Has There Been an Increase in Medical Identity Theft? An academic article states that ā€œmedical identity theft spiked 22 percent in 2014. Medical identity theft is projected to continue to rise. Actions need to be taken by medical facilities to safeguard themselves. The article noted a need for cyber liability insurance for medical providers to cover damages if their systems are hacked (Medical ID Theft Increases, 2015). According to an article from Obesity Fitness & Wellness Week, Todd Feinman, who is a security expert, felt the movement to electronic records will cause a greater chance of medical identity theft because many providers are not taking the needed precautions (Obamaā€™s Support, 2009). ā€œWhy Medical Identity Theft is Rising and How to Protect Yourselfā€, referred to information from the Identity Theft Resource Center which determined that medical identity theft has risen higher than other businesses. Medical records contain important personal information including credit card and social security numbers. Computer generated attacks have been focusing on medical facilities. In fact, nearly 100 % of health care facilities have had their medical records hacked in the last few years. Almost half of companies who have a working relationship with the medical facilities have also been hacked (Shin, 2015). According to a video from the Wall Street Journal, ā€œMedical Identity Theft on the Riseā€, medical identity theft has been increasing the last few years. Thieves will steal someoneā€™s medical identity and use the information to get medications or have medical procedures. The patient will
8 not realize what has happened until they get a bill for a procedure they have not had or notice something in their medical records has changed. The problem has gotten so severe that a group of major insurance companies have formed the ā€œMedical Identity Fraud Allianceā€ to help fight this problem. The Department of Justice and Health and Human Services are the federal agencies who are focusing on examining the increase in medical identity theft. Some facilities have implemented a scanner to screen the patientā€™s fingerprints to verify a patientā€™s identity. A medical facility in California was involved in a plot to defraud Medicare and Medicaid by arranging to have people be seen at the clinic under the stolen identities and receive a prescription which would later be sold illegally. A physician at the facility was arrested for health care fraud and conspiracy (Zelevansky, 2015). More medical facilities have been transferring to electronic health records since the American Recovery and Reinvestment Act of 2009, and the Affordable Care Act in 2010, causing a larger chance of cyber-attacks. Criminals also feel that it is easier to access health care accounts versus other businesses (Shin, 2015). Since the implementation of the ā€œHealth Insurance Portability and Portability Act of 1996 (HIPAA)ā€, the duties of the privacy officer changed. Facilities transferring to electronic health records has required the privacy officer to have a better technological background. Their role has become more involved with more responsibilities including making sure staff are well trained and in compliance with all guidelines. Another important part of a security officerā€™s job involves making sure security is in place to prevent unlawful access to the electronic health records, reviewing and revising procedures, and training staff on correct guidelines (Dimick, 2012). Furthermore, the textbook, Health Information Management Technology: An Applied Approach, stated that the nationwide health information network (NHIN) and the implementation of electronic health records, has increased medical identity theft. It stated that ā€œelectronic systems with multiple centralized and decentralized databases could facilitate both the commission and hiding of this crimeā€ (Sayles, 2014, p. 739).
9 Figure 2 shows the increase in medical identity theft from the year 2010 through 2014. The chart shows an increase from 15% in 2010, and by 2014 it had increased to 28% which is a 13% increase in four years. The article compiled the information from a study that was done by the Poneman Institute (Munrow, D., 2015). Figure 2 (Munrow, D., 2015) Finally, Rick Kam, who is president of ID Experts, stated the FBI feels thieves receive more money selling stolen medical health insurance information than the price they would receive for selling social security cards (Shin, 2015). What measures are taken by medical facilities to prevent medical identity theft? Stealing someoneā€™s medical identity is not a difficult task. All the thief needs would be part of the personā€™s personal information or a personal document or card, for instance, a social security card. Even a copy of someoneā€™s insurance card would be enough to steal their medical identity (Weinstock, 2015). Because of the increase in medical identity theft, it is important for medical facilities to have measures in place to protect their patientsā€™ medical identity. Some of the ways this can be done would be: protecting who has access to the patientā€™s records, verifying a patientā€™s identity in the 15% 15% 19% 23% 28% 0% 5% 10% 15% 20% 25% 30% 2010 2011 2012 2013 2014 Increase in Medical Identity Theft % comparison
10 reception area by checking picture identification, and verifying personal information. Employees should receive thorough training in processes to prevent identity theft. It would also be beneficial to pre-register the patient before their visit and get pre-authorization from their insurance company (Weinstock, 2015). While verifying documentation is extremely important, protecting the electronic health record is essential. Using a protected server is mandatory and information sent by e-mail should always be encrypted to prevent hackers from accessing the information. Computers should be locked and pass-codes should be used. Electronic devices should be protected from being stolen (Weinstock, 2015). Training documents should include clear instructions on how employees should protect their patients from having their identity stolen. Employee training should be ongoing and they need to fully understand HIPAA guidelines. Areas where patientsā€™ information is kept should always be secure from non-authorized people. Patient documentation should never be left unattended. Asking for a driverā€™s license and a valid insurance card during registration should be required. The associate should verify the information with the patientā€™s electronic record (Weinstock, 2015). An employer should make sure a prospective employee is completely vetted before they are hired. New employees should only have security for the jobs they are trained. Only authorized staff should have access to certain information and areas of the facility. Employees should be thoroughly trained in how to notice discrepancies in medical records or in documents. If anything does not seem right, completely evaluate the situation (Weinstock, 2015). Medical identity thieves are becoming savvy at accessing electronic health records. Medical facilities need to be vigilant in protecting themselves and their patients by following federal and state regulations as required (Weinstock, 2015). In addition, in the textbook ā€œHealth Information Management Technology: An Applied Approachā€, they talk about instances where doctors were also having their identityā€™s stolen. The thieves use the stolen credentials to charge medications and other health care equipment or services that have never happened (Sayles, 2014).
11 Therefore, the book emphasizes that health care locations need to determine how thieves are capable of accessing information so they can set up procedures to protect themselves and their patients from medical identity theft. Most facilities follow HIPAA guidelines, but it is not enough. It is important that new employees receive extensive screening before being hired. The book stated that ā€œThe problem becomes almost unsolvable in the context of secondary releases of false information for insuranceā€ (Sayles, 2014, p. 739). According to Rhodes (2015), ā€œThe Federal Trade Commissionā€™s (FTC) Red Flags Rule requires organizations to develop and implement a formal, written identity-theft-prevention program with the purpose of detecting the warning signs, or ā€˜red flagsā€™ of identity theft throughout their operationsā€. He talked about a huge instance of medical identity theft that occurred at Anthem insurance company where assorted patient personal information was stolen. The information was hacked, and it went on for almost a year. Setting up these red flags could have alerted the company to the breach. Many health care providers are unaware of the severity of medical identity theft. A shortage of employees was another issue. Many times a facility does not have enough trained staff employed to support an effective privacy plan (p.28). Medical facilities should screen for unusual changes in a patientā€™s medical records. Changes in personal identification like a birthdate could signal something is not right. Procedures need to be in place to determine how to proceed and what to watch. Using computer applications with privacy settings will help to pick up problems and stop unauthorized use. The software can pick up repetitions in use that can signal a breach (Rhodes, 2015). Per the article, with more and more medical facilities transferring to electronic health records, it will increase the movement towards medical identity theft. Medical facilities need to be attentive to protect their patients (Rhodes, 2015). What measures should patients take to protect themselves from medical identity theft? Medical identity theft can cause real problems for patients. It can not only cause financial problems with unauthorized medical expenses, but it could even affect the patientā€™s health if someone elseā€™s medical information ends up in their health records. For instance, if the patient needed to have a blood transfusion and their blood type was changed, it could end up being fatal (Andrews, 2016).
12 Warning a patient about medical identity theft is a good procedure for medical facilities to follow. Sometimes patients do not fully understand the consequences of sharing personal information. Keeping personal documents like insurance cards in a secure place and not sharing them, is information a facility should make the patient aware of. A patient should check their medical account periodically to monitor it for unusual activity and request medical invoices and records to examine them for discrepancies (Weinstock, 2015). Figure 3 shows some of the ways patients learn about Medical Identity Theft. The graph shows the percentage of ways they first learn about having their medical identity accessed (Praskac, A.,2012). Figure 3 (Praskac,A., 2012) Discovering medical identity theft can be difficult. Patients should not divulge their personal or medical data to anyone. The article states that patients should go over the explanation of benefits letter completely. It is also important to go over any paperwork or charges received from providers and insurance companies. Even checking your credit report was suggested. All 46% 30% 16% 9% 9% 5% Victims First Learn About Medical Identity Theft Receipt of Collection Letter Discover Mistake in Health Records Drop in Credit Score Alert for Health Care Provider Errors Posted to Medical Invoices Data Breach Notification
13 personal identification cards should be protected and not shared. It would be a good idea to inquire about the reason any requests are made for the information. Sharing upcoming medical procedures on social media is not recommended. A criminal can find other information online and use it to set up a medical account in your name. There have even been instances of other family members stealing their relativeā€™s identity to receive health care. Almost half the people surveyed for the article said their identity was stolen by a relative or an acquaintance. If a patient allows someone to use their medical information, it is a federal crime. Some people feel they are just helping someone out who doesnā€™t have health insurance, but should be aware that it could cause them legal problems (Andrews, 2016). According to the video, ā€œMedical ID Theft on the Riseā€ regarding a study from the Poneman Institute, the rise of medical identity theft is up to over 2 million people. The film mentioned how the majority of people do not even realize their identity has been stolen until several months after, and one third of the people never even realize it had happened. Medical identity theft costs patients a lot of money to correct the problem and it is also time-consuming (Medical ID Theft on the Rise, 2015). Educating the patient on how they can protect themselves is important. Inform them how important it is to verify that all their medical information is accurate and to inquire if they have questions or concerns (Merisalo, 2008).
14 Factual Summary / Conclusions: Medical identity theft is happening to obtain medical insurance benefits by either someone in need of insurance or by individuals who are selling the information for profit. Another reason would be for obtaining drugs or medical supplies which also can be sold for profit. Gaining access to someoneā€™s medical identity opens up many avenues for thieves. Stealing someoneā€™s medical identity is more profitable than from the sale of stolen credit cards. Thieves have learned how to access someoneā€™s medical identity electronically by gaining access to some of the patientā€™s personal identifiers such as social security numbers. If thieves gain access to a patientā€™s insurance card, they will be able to obtain all the patientā€™s personal identifiers. A careless employee who does not follow guidelines set in place by the facility could open up a path for patients to have their medical identity stolen. Any electronic device used by an employee should always be secured and computers should be password protected and not left unattended when the employee walks away. Any e-mails sent should be encrypted. There has been an increase in medical identity theft in the last several years. Medical identity theft has risen higher than identity theft has in other commercial businesses. Projections show that this increase will continue to grow. Some of the breaches of medical identity include computer hacking, data moving from one location to another, someone from the inside helping the thieves for profit, accidental exposure, carelessness by a subcontractor or third party vendor, and employee negligence. Medical records contain valuable information on patients like birthdate, address, phone numbers, even credit card numbers. Almost all medical facilities have had their medical records compromised in the last few years. Thieves have been focusing on hacking into medical facility computers. Since more medical facilities have been converting to electronic records, this has motivated thieves to hack into medical accounts. Thieves feel they have an easier time accessing health accounts than they do accessing other businesses. Because of the many integrated and regionalized databases available, it makes it easier to hide the misdeeds.
15 Many medical facilities hire security or privacy officers to oversee security at their locations to make sure procedures are in place. The servers used by the facility should be protected. Employees receive training to follow guidelines set up to prevent medical identity theft. The reception desk is trained to verify the appropriate information to determine the patient who is being seen is the person showing in the account. Facilities hire employees that have been thoroughly screened. Warning flags signal to the staff if something is amiss so they can investigate it further. Patients should be educated and aware of ways to protect themselves from having their medical identity stolen. Many times they do not realize their identity has been stolen until they receive a bill that is for something they never received. Patientā€™s need to be made aware of how important it is to be careful about sharing their personal information. Even having the wrong information on their medical records could be dangerous to their health. Going over bills from their provider or from their insurance company could show if any information is incorrect.
16 Recommendations: With medical identity theft on the rise it is important for medical facilities to use proper measures to make it harder for thieves to access patient information. Based on the findings in this report the following are the recommendations: 1. A medical security officer should be used to oversee all areas by making sure the server is secure and that the firewall is working. 2. The facility should implement technical fraud prevention measures and software that will flag possible breaches. 3. The data should be encrypted to prevent hackers from accessing patient information. 4. All employees should receive thorough training in appropriate procedures for handling of patient information. 5. Password protection should be used on all computers and electronic devices. 6. Computers should never be left unattended with patient information showing. 7. Areas of the facility should be secure and only personnel with the correct credentials should be allowed in the secured areas. 8. The reception area should be thorough in verifying patient information and matching it to what shows on the patientā€™s account. 9. A photo ID should be scanned into each patientā€™s account to help with the identification process. 10. All HIPAA guidelines should be followed by the staff. 11. New staff should be thoroughly vetted before being hired. 12. Vendors should also be scrutinized and informed on policies in place by the medical facility so they also follow correct guidelines. Patients should also be educated on ways to look for medical identity theft. They should be told to monitor their medical records to make sure everything is correct and to contact the medical facility immediately if it is not. They should also check over all statements from the facility and from their insurance company to confirm there are no unauthorized charges. It is extremely important to educate patients to protect their personal information such as their social security and insurance cards. If they receive a call asking for some personal identifiers, it should be
17 questioned further and they should keep to a minimum the information they share. The Medical facility should never ask the patient over the phone for their complete social security number. Monitoring their credit report is also advisable.
18 References Andrews, M. (2016, August 25). The Rise of Medical Identity Theft. Consumerreports.org. Retrieved from: http://www.consumerreports.org/medical-identity-theft/medical-identity- theft/ Dimick, C. (2012, April). The New Privacy Officer: Journal of AHIMA 83, no.4. Retrieved from: http://bok.ahima.org/doc?oid=105340#.WNgI1fkrLIV Identity Theft Resource Center (2015, January 12). Identity Theft Resource Center Breach Report Hits Record High in 2014. Retrieved from: http://www.idtheftcenter.org/ITRC- Surveys-Studies/2014databreaches.html Kieke, R. L. (2009). Although a Relatively New Risk Area, Medical Identity Theft Should Not Be Taken Lightly. Journal Of Health Care Compliance, 11(1), 51-74. Retrieved from: http://applibproxy.fvtc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true &db=buh&AN=36097369&site=eds-live McNeal, M. (2014). HACKING HEALTH CARE. (cover story). Marketing Health Services, 34(3), 16-21. Retrieved from: http://applibproxy.fvtc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true &db=buh&AN=98169038&site=eds-live ā€œMedical ID Theft Increases Doctors Bewareā€. (2015, March 11). States News Service. Retrieved from http://applibproxy.fvtc.edu/login?url=http://go.galegroup.com/ps/i.do?p=AONE&sw=w &u=foxvtc&v=2.1&it=r&id=GALE%7CA404795380&sid=ebsco&asid=6daf4efdefe415 b2261a5e7153733ef3
19 ā€œMedical Identity Theft: Patient access first in line to manage the nation's fastest growing crimeā€. (2008). Health Care Registration: The Newsletter for Health Care Registration Professionals, 17(9), 1-11. Retrieved from: http://applibproxy.fvtc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true &AuthType=cookie,ip,cpid&custid=s6254798&db=c9h&AN=32022412 Munrow, D. (2015, February 23). New Study Says Over 2 Million Americans Are Victims of Identity Theft. Retrieved from: https://www.forbes.com/sites/danmunro/2015/02/23/new- study-says-over-2-million-americans-are-victims-of-medical-identity- theft/#7d7825115a05 Obama's Support for Digital Health Records May Increase Identity Theft. (2009, May 23). Obesity, Fitness & Wellness Week, 199. Retrieved from http://applibproxy.fvtc.edu/login?url=http://go.galegroup.com/ps/i.do?p=AONE&sw=w& u=foxvtc&v=2.1&it=r&id=GALE%7CA200018567&sid=ebsco&asid=1a23efeed71b005 ecf192caa6b5ddc76 Praskac, A. (2012, February 21). Amy on Organizing Records. Landmark Studies by the Poneman Institute. Retrieved from: http://www.ontherecordorganizing.com/amy-on- organizing-records/medical-identity-theft-statistics Rhodes, R. (2015). How red flags, policies and technology can catch medical identity theft. Health Management Technology, 36(4), 28-29. Retrieved from: http://applibproxy.fvtc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true &AuthType=cookie,ip,cpid&custid=s6254798&db=cmedm&AN=26357777 Sayles, N. (2014). Health Information Management Technology: An Applied Approach (4th ed.). American Health Information Management Association.
20 Shin, L. (2015, May 29). Why Medical Identity Theft Is Rising And How To Protect Yourself. Forbes. Retrieved From: https://www.forbes.com/sites/laurashin/2015/05/29/why- medical-identity-theft-is-rising-and-how-to-protect-yourself/#6df638e13608 Video: Study: Medical ID theft on the rise. (2015, February 25). Local Broadcast Video Content. Retrieved from http://applibproxy.fvtc.edu/login?url=http://go.galegroup.com/ps/i.do?p=AONE&sw=w& u=foxvtc&v=2.1&it=r&id=GALE%7CA402990111&sid=ebsco&asid=5ed9c04f0789669 d69f8e70bf84b9caf WEINSTOCK, D. (2015). Is Your Practice at Risk for Medical Identity Theft? Are you taking the proper steps to prevent this crime?...Reprinted with Permission from The Journal of Medical Practice Management, Nov/Dec 2014, pgs 168-170. Podiatry Management, 34(8), 123-125. Retrieved from: http://applibproxy.fvtc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true &AuthType=cookie,ip,cpid&custid=s6254798&db=rzh&AN=110454249 Zelevansky, j. (2015, August 7). Medical Identity Theft On the Rise. [Video file]. Retrieved from: https://www.youtube.com/watch?v=PIFasQw336A
21

Recommended

Medical Billing and Coding Job Outlook
Medical Billing and Coding Job OutlookMedical Billing and Coding Job Outlook
Medical Billing and Coding Job Outlookbadinvestigatio79
Ā 
Data Breach: It Can Happen To You
Data Breach: It Can Happen To YouData Breach: It Can Happen To You
Data Breach: It Can Happen To YouCooperative of American Physicians, Inc.
Ā 
Case Study: Combating Medical Identity Theft
Case Study: Combating Medical Identity TheftCase Study: Combating Medical Identity Theft
Case Study: Combating Medical Identity TheftBooz Allen Hamilton
Ā 
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...ijsptm
Ā 
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Hybrid Cloud
Ā 
Universal Patient Identity: eliminating duplicate records, medical identity t...
Universal Patient Identity: eliminating duplicate records, medical identity t...Universal Patient Identity: eliminating duplicate records, medical identity t...
Universal Patient Identity: eliminating duplicate records, medical identity t...3GDR
Ā 
Eliminating human errors in medical coding
Eliminating human errors in medical codingEliminating human errors in medical coding
Eliminating human errors in medical codingSharon Nemecek
Ā 
DATA BREACH CHARTS
DATA BREACH CHARTSDATA BREACH CHARTS
DATA BREACH CHARTS- Mark - Fullbright
Ā 

Recommended

Medical Billing and Coding Job Outlook
Medical Billing and Coding Job OutlookMedical Billing and Coding Job Outlook
Medical Billing and Coding Job Outlookbadinvestigatio79
Ā 
Data Breach: It Can Happen To You
Data Breach: It Can Happen To YouData Breach: It Can Happen To You
Data Breach: It Can Happen To YouCooperative of American Physicians, Inc.
Ā 
Case Study: Combating Medical Identity Theft
Case Study: Combating Medical Identity TheftCase Study: Combating Medical Identity Theft
Case Study: Combating Medical Identity TheftBooz Allen Hamilton
Ā 
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...ijsptm
Ā 
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Hybrid Cloud
Ā 
Universal Patient Identity: eliminating duplicate records, medical identity t...
Universal Patient Identity: eliminating duplicate records, medical identity t...Universal Patient Identity: eliminating duplicate records, medical identity t...
Universal Patient Identity: eliminating duplicate records, medical identity t...3GDR
Ā 
Eliminating human errors in medical coding
Eliminating human errors in medical codingEliminating human errors in medical coding
Eliminating human errors in medical codingSharon Nemecek
Ā 
DATA BREACH CHARTS
DATA BREACH CHARTSDATA BREACH CHARTS
DATA BREACH CHARTS- Mark - Fullbright
Ā 
Medical Identity Theft ā€“ Causes, Consequences, and Cures with Jim Quiggle, Di...
Medical Identity Theft ā€“ Causes, Consequences, and Cures with Jim Quiggle, Di...Medical Identity Theft ā€“ Causes, Consequences, and Cures with Jim Quiggle, Di...
Medical Identity Theft ā€“ Causes, Consequences, and Cures with Jim Quiggle, Di...RightPatientĀ®
Ā 
Technologies and procedures for HIPAA compliance
Technologies and procedures for HIPAA complianceTechnologies and procedures for HIPAA compliance
Technologies and procedures for HIPAA complianceJack Shaffer
Ā 
Reasons for the Popularity of Medical Record Theft
Reasons for the Popularity of Medical Record TheftReasons for the Popularity of Medical Record Theft
Reasons for the Popularity of Medical Record TheftOPSWAT
Ā 
Confidentiality & privacy
Confidentiality & privacyConfidentiality & privacy
Confidentiality & privacykendale
Ā 
Digital Health Data
Digital Health DataDigital Health Data
Digital Health DataShahidul Islam Khan Nayeem
Ā 
Sample HIPAA Training
Sample HIPAA Training Sample HIPAA Training
Sample HIPAA Training Tara Goodwin
Ā 
HIPPA-Health Insurance Portability and Accountability Act
HIPPA-Health Insurance Portability and Accountability ActHIPPA-Health Insurance Portability and Accountability Act
HIPPA-Health Insurance Portability and Accountability ActHarshit Trivedi
Ā 
HIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGYHIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGYmariaradziminski
Ā 
Hipaa Goes Hitech
Hipaa Goes HitechHipaa Goes Hitech
Hipaa Goes HitechCandy Matheny
Ā 
Preventing Provider Medical Identity Theft
Preventing Provider Medical Identity TheftPreventing Provider Medical Identity Theft
Preventing Provider Medical Identity Theft- Mark - Fullbright
Ā 
Annual HIPAA Training
Annual HIPAA TrainingAnnual HIPAA Training
Annual HIPAA TrainingCynthia Holland
Ā 
Risk management in Healthcare on Cloud
Risk management in Healthcare on CloudRisk management in Healthcare on Cloud
Risk management in Healthcare on CloudSandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
Ā 
Mustafa Degerli - 2016 - Answers for MI 502 ā€“ Introduction to Medical Informa...
Mustafa Degerli - 2016 - Answers for MI 502 ā€“ Introduction to Medical Informa...Mustafa Degerli - 2016 - Answers for MI 502 ā€“ Introduction to Medical Informa...
Mustafa Degerli - 2016 - Answers for MI 502 ā€“ Introduction to Medical Informa...Dr. Mustafa Değerli
Ā 
Compliance
ComplianceCompliance
ComplianceMark Lanterman
Ā 
Training on confidentiality MHA690 Hayden
Training on confidentiality MHA690 HaydenTraining on confidentiality MHA690 Hayden
Training on confidentiality MHA690 Haydenhaydens
Ā 
Hipaa overview 073118
Hipaa overview 073118Hipaa overview 073118
Hipaa overview 073118robint2125
Ā 
HIPAA
HIPAAHIPAA
HIPAAkgriffin62
Ā 
Health management information systems for universal health coverage
Health management information systems for universal health coverageHealth management information systems for universal health coverage
Health management information systems for universal health coverageMEDx eHealthCenter
Ā 
HIPAA Compliance
HIPAA ComplianceHIPAA Compliance
HIPAA ComplianceManny Oliverez
Ā 
HIPAA
HIPAAHIPAA
HIPAAPaul D. Friedman, M.A., Ph.D., J.D.
Ā 
Page 1 Executive Summary Policy makers are looking.docx
Page 1 Executive Summary Policy makers are looking.docxPage 1 Executive Summary Policy makers are looking.docx
Page 1 Executive Summary Policy makers are looking.docxsmile790243
Ā 
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxPage 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxkarlhennesey
Ā 

More Related Content

What's hot

Medical Identity Theft ā€“ Causes, Consequences, and Cures with Jim Quiggle, Di...
Medical Identity Theft ā€“ Causes, Consequences, and Cures with Jim Quiggle, Di...Medical Identity Theft ā€“ Causes, Consequences, and Cures with Jim Quiggle, Di...
Medical Identity Theft ā€“ Causes, Consequences, and Cures with Jim Quiggle, Di...RightPatientĀ®
Ā 
Technologies and procedures for HIPAA compliance
Technologies and procedures for HIPAA complianceTechnologies and procedures for HIPAA compliance
Technologies and procedures for HIPAA complianceJack Shaffer
Ā 
Reasons for the Popularity of Medical Record Theft
Reasons for the Popularity of Medical Record TheftReasons for the Popularity of Medical Record Theft
Reasons for the Popularity of Medical Record TheftOPSWAT
Ā 
Confidentiality & privacy
Confidentiality & privacyConfidentiality & privacy
Confidentiality & privacykendale
Ā 
Sample HIPAA Training
Sample HIPAA Training Sample HIPAA Training
Sample HIPAA Training Tara Goodwin
Ā 
HIPPA-Health Insurance Portability and Accountability Act
HIPPA-Health Insurance Portability and Accountability ActHIPPA-Health Insurance Portability and Accountability Act
HIPPA-Health Insurance Portability and Accountability ActHarshit Trivedi
Ā 
HIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGYHIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGYmariaradziminski
Ā 
Hipaa Goes Hitech
Hipaa Goes HitechHipaa Goes Hitech
Hipaa Goes HitechCandy Matheny
Ā 
Preventing Provider Medical Identity Theft
Preventing Provider Medical Identity TheftPreventing Provider Medical Identity Theft
Preventing Provider Medical Identity Theft- Mark - Fullbright
Ā 
Annual HIPAA Training
Annual HIPAA TrainingAnnual HIPAA Training
Annual HIPAA TrainingCynthia Holland
Ā 
Mustafa Degerli - 2016 - Answers for MI 502 ā€“ Introduction to Medical Informa...
Mustafa Degerli - 2016 - Answers for MI 502 ā€“ Introduction to Medical Informa...Mustafa Degerli - 2016 - Answers for MI 502 ā€“ Introduction to Medical Informa...
Mustafa Degerli - 2016 - Answers for MI 502 ā€“ Introduction to Medical Informa...Dr. Mustafa Değerli
Ā 
Training on confidentiality MHA690 Hayden
Training on confidentiality MHA690 HaydenTraining on confidentiality MHA690 Hayden
Training on confidentiality MHA690 Haydenhaydens
Ā 
Hipaa overview 073118
Hipaa overview 073118Hipaa overview 073118
Hipaa overview 073118robint2125
Ā 
Health management information systems for universal health coverage
Health management information systems for universal health coverageHealth management information systems for universal health coverage
Health management information systems for universal health coverageMEDx eHealthCenter
Ā 
HIPAA Compliance
HIPAA ComplianceHIPAA Compliance
HIPAA ComplianceManny Oliverez
Ā 

What's hot (20)

Medical Identity Theft ā€“ Causes, Consequences, and Cures with Jim Quiggle, Di...
Medical Identity Theft ā€“ Causes, Consequences, and Cures with Jim Quiggle, Di...Medical Identity Theft ā€“ Causes, Consequences, and Cures with Jim Quiggle, Di...
Medical Identity Theft ā€“ Causes, Consequences, and Cures with Jim Quiggle, Di...
Ā 
Technologies and procedures for HIPAA compliance
Technologies and procedures for HIPAA complianceTechnologies and procedures for HIPAA compliance
Technologies and procedures for HIPAA compliance
Ā 
Reasons for the Popularity of Medical Record Theft
Reasons for the Popularity of Medical Record TheftReasons for the Popularity of Medical Record Theft
Reasons for the Popularity of Medical Record Theft
Ā 
Confidentiality & privacy
Confidentiality & privacyConfidentiality & privacy
Confidentiality & privacy
Ā 
Digital Health Data
Digital Health DataDigital Health Data
Digital Health Data
Ā 
Sample HIPAA Training
Sample HIPAA Training Sample HIPAA Training
Sample HIPAA Training
Ā 
HIPPA-Health Insurance Portability and Accountability Act
HIPPA-Health Insurance Portability and Accountability ActHIPPA-Health Insurance Portability and Accountability Act
HIPPA-Health Insurance Portability and Accountability Act
Ā 
HIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGYHIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGY
Ā 
Hipaa Goes Hitech
Hipaa Goes HitechHipaa Goes Hitech
Hipaa Goes Hitech
Ā 
Preventing Provider Medical Identity Theft
Preventing Provider Medical Identity TheftPreventing Provider Medical Identity Theft
Preventing Provider Medical Identity Theft
Ā 
Annual HIPAA Training
Annual HIPAA TrainingAnnual HIPAA Training
Annual HIPAA Training
Ā 
Risk management in Healthcare on Cloud
Risk management in Healthcare on CloudRisk management in Healthcare on Cloud
Risk management in Healthcare on Cloud
Ā 
Mustafa Degerli - 2016 - Answers for MI 502 ā€“ Introduction to Medical Informa...
Mustafa Degerli - 2016 - Answers for MI 502 ā€“ Introduction to Medical Informa...Mustafa Degerli - 2016 - Answers for MI 502 ā€“ Introduction to Medical Informa...
Mustafa Degerli - 2016 - Answers for MI 502 ā€“ Introduction to Medical Informa...
Ā 
Compliance
ComplianceCompliance
Compliance
Ā 
Training on confidentiality MHA690 Hayden
Training on confidentiality MHA690 HaydenTraining on confidentiality MHA690 Hayden
Training on confidentiality MHA690 Hayden
Ā 
Hipaa overview 073118
Hipaa overview 073118Hipaa overview 073118
Hipaa overview 073118
Ā 
HIPAA
HIPAAHIPAA
HIPAA
Ā 
Health management information systems for universal health coverage
Health management information systems for universal health coverageHealth management information systems for universal health coverage
Health management information systems for universal health coverage
Ā 
HIPAA Compliance
HIPAA ComplianceHIPAA Compliance
HIPAA Compliance
Ā 
HIPAA
HIPAAHIPAA
HIPAA
Ā 

Similar to Medical Identity Theft Rise with EHR

Page 1 Executive Summary Policy makers are looking.docx
Page 1 Executive Summary Policy makers are looking.docxPage 1 Executive Summary Policy makers are looking.docx
Page 1 Executive Summary Policy makers are looking.docxsmile790243
Ā 
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxPage 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxkarlhennesey
Ā 
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxPage 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxhoney690131
Ā 
Confidentiality Of Health Information Essays
Confidentiality Of Health Information EssaysConfidentiality Of Health Information Essays
Confidentiality Of Health Information EssaysJessica Tanner
Ā 
A Personal Health Record ( Ehr )
A Personal Health Record ( Ehr )A Personal Health Record ( Ehr )
A Personal Health Record ( Ehr )Tasha Holloway
Ā 
MANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDS
MANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDSMANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDS
MANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDSijsptm
Ā 
Fraud And Abuse In The U.S. Healthcare System
Fraud And Abuse In The U.S. Healthcare SystemFraud And Abuse In The U.S. Healthcare System
Fraud And Abuse In The U.S. Healthcare SystemKendra Cote
Ā 
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)U.S. News Healthcare of Tomorrow
Ā 
Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryEMC
Ā 
Biometric identification in the healthcare sector
Biometric identification in the healthcare sectorBiometric identification in the healthcare sector
Biometric identification in the healthcare sectorFatima Aftab
Ā 
Running head DATA PRIVACY 1 DATA PRIVACY10Short- and .docx
Running head DATA PRIVACY 1 DATA PRIVACY10Short- and .docxRunning head DATA PRIVACY 1 DATA PRIVACY10Short- and .docx
Running head DATA PRIVACY 1 DATA PRIVACY10Short- and .docxtodd271
Ā 
Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryEMC
Ā 
Running head Information security threats 1Information secur.docx
Running head Information security threats 1Information secur.docxRunning head Information security threats 1Information secur.docx
Running head Information security threats 1Information secur.docxwlynn1
Ā 
Running Head Stage 2 Sharing Data1Stage 2 Sharing Data3.docx
Running Head Stage 2 Sharing Data1Stage 2 Sharing Data3.docxRunning Head Stage 2 Sharing Data1Stage 2 Sharing Data3.docx
Running Head Stage 2 Sharing Data1Stage 2 Sharing Data3.docxjeanettehully
Ā 
Fifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity TheftFifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity Theft- Mark - Fullbright
Ā 
Peer Review FormComplete the form by inserting your answer.docx
Peer Review FormComplete the form by inserting your answer.docxPeer Review FormComplete the form by inserting your answer.docx
Peer Review FormComplete the form by inserting your answer.docxtemplestewart19
Ā 
Medical Information Security
Medical Information SecurityMedical Information Security
Medical Information SecurityCSCJournals
Ā 
Why cyber-criminals target Healthcare - Panda Security
Why cyber-criminals target Healthcare - Panda Security Why cyber-criminals target Healthcare - Panda Security
Why cyber-criminals target Healthcare - Panda Security Panda Security
Ā 
Health Care Technology And Privacy
Health Care Technology And PrivacyHealth Care Technology And Privacy
Health Care Technology And PrivacyScott Fikes
Ā 
The Geography of Medical Identity Theft
The Geography of Medical Identity TheftThe Geography of Medical Identity Theft
The Geography of Medical Identity Theft- Mark - Fullbright
Ā 

Similar to Medical Identity Theft Rise with EHR (20)

Page 1 Executive Summary Policy makers are looking.docx
Page 1 Executive Summary Policy makers are looking.docxPage 1 Executive Summary Policy makers are looking.docx
Page 1 Executive Summary Policy makers are looking.docx
Ā 
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxPage 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Ā 
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxPage 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Ā 
Confidentiality Of Health Information Essays
Confidentiality Of Health Information EssaysConfidentiality Of Health Information Essays
Confidentiality Of Health Information Essays
Ā 
A Personal Health Record ( Ehr )
A Personal Health Record ( Ehr )A Personal Health Record ( Ehr )
A Personal Health Record ( Ehr )
Ā 
MANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDS
MANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDSMANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDS
MANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDS
Ā 
Fraud And Abuse In The U.S. Healthcare System
Fraud And Abuse In The U.S. Healthcare SystemFraud And Abuse In The U.S. Healthcare System
Fraud And Abuse In The U.S. Healthcare System
Ā 
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Ā 
Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare Industry
Ā 
Biometric identification in the healthcare sector
Biometric identification in the healthcare sectorBiometric identification in the healthcare sector
Biometric identification in the healthcare sector
Ā 
Running head DATA PRIVACY 1 DATA PRIVACY10Short- and .docx
Running head DATA PRIVACY 1 DATA PRIVACY10Short- and .docxRunning head DATA PRIVACY 1 DATA PRIVACY10Short- and .docx
Running head DATA PRIVACY 1 DATA PRIVACY10Short- and .docx
Ā 
Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare Industry
Ā 
Running head Information security threats 1Information secur.docx
Running head Information security threats 1Information secur.docxRunning head Information security threats 1Information secur.docx
Running head Information security threats 1Information secur.docx
Ā 
Running Head Stage 2 Sharing Data1Stage 2 Sharing Data3.docx
Running Head Stage 2 Sharing Data1Stage 2 Sharing Data3.docxRunning Head Stage 2 Sharing Data1Stage 2 Sharing Data3.docx
Running Head Stage 2 Sharing Data1Stage 2 Sharing Data3.docx
Ā 
Fifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity TheftFifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity Theft
Ā 
Peer Review FormComplete the form by inserting your answer.docx
Peer Review FormComplete the form by inserting your answer.docxPeer Review FormComplete the form by inserting your answer.docx
Peer Review FormComplete the form by inserting your answer.docx
Ā 
Medical Information Security
Medical Information SecurityMedical Information Security
Medical Information Security
Ā 
Why cyber-criminals target Healthcare - Panda Security
Why cyber-criminals target Healthcare - Panda Security Why cyber-criminals target Healthcare - Panda Security
Why cyber-criminals target Healthcare - Panda Security
Ā 
Health Care Technology And Privacy
Health Care Technology And PrivacyHealth Care Technology And Privacy
Health Care Technology And Privacy
Ā 
The Geography of Medical Identity Theft
The Geography of Medical Identity TheftThe Geography of Medical Identity Theft
The Geography of Medical Identity Theft
Ā 

Recently uploaded

Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
Ā 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
Ā 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
Ā 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
Ā 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
Ā 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
Ā 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
Ā 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
Ā 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
Ā 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
Ā 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
Ā 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
Ā 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
Ā 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
Ā 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
Ā 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
Ā 

Recently uploaded (20)

Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
Ā 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Ā 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
Ā 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
Ā 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
Ā 
Model Call Girl in Tilak Nagar Delhi reach out to us at šŸ”9953056974šŸ”
Model Call Girl in Tilak Nagar Delhi reach out to us at šŸ”9953056974šŸ”Model Call Girl in Tilak Nagar Delhi reach out to us at šŸ”9953056974šŸ”
Model Call Girl in Tilak Nagar Delhi reach out to us at šŸ”9953056974šŸ”
Ā 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
Ā 
Model Call Girl in Bikash Puri Delhi reach out to us at šŸ”9953056974šŸ”
Model Call Girl in Bikash Puri Delhi reach out to us at šŸ”9953056974šŸ”Model Call Girl in Bikash Puri Delhi reach out to us at šŸ”9953056974šŸ”
Model Call Girl in Bikash Puri Delhi reach out to us at šŸ”9953056974šŸ”
Ā 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
Ā 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
Ā 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
Ā 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
Ā 
CĆ³digo Creativo y Arte de Software | Unidad 1
CĆ³digo Creativo y Arte de Software | Unidad 1CĆ³digo Creativo y Arte de Software | Unidad 1
CĆ³digo Creativo y Arte de Software | Unidad 1
Ā 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
Ā 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
Ā 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
Ā 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
Ā 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
Ā 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
Ā 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
Ā 

Medical Identity Theft Rise with EHR

  • 1. MEDICAL IDENTITY THEFT Has the transition to electronic health records by health care providers caused an increase in medical identity theft? MARCH 20, 2017 TECHNICAL REPORTING- BILL EBBESEN Sharon Nemecek
  • 2. Memo of Transmittal: To: William Ebbesen From: Sharon Nemecek Date: March 6, 2017 Subject: Recommendation Report for the study on the rise of medical identity theft Enclosed is the report you requested on ā€œHas the transition to electronic health records by health care providers caused an increase in medical identity theft?ā€, for Technical Reporting class. This report covers how medical identity theft is done and why it is done, whether there has been a rise in medical identity theft, what measures medical facilities should take to prevent medical identity theft, and what measures patients should take to protect their medical identity. However, the report does not cover commercial identity theft or credit card fraud. The report includes information about reasons why thieves steal someoneā€™s medical identity and the ways they are able to do so. The report also goes into how transitioning to electronic health records has increased medical identity theft, and how this affects medical facilities and patients. This report analyzes ways people find out how their identity has been stolen and the types of medical identity theft. It also shows the increase in medical identity theft. In order to complete this report I was able to get much needed assistance from the Teaching and Learning center at Fox Valley Technical College. As a result, my paper included all the requirements needed to complete the assignment. I appreciate the confidence you have shown in me in assigning this project. Please contact me with any questions regarding the areas covered. My phone number is (920)733-9228 and my e- mail address is nemecek0613@fvtc.edu.
  • 3. 1 Table of Contents Executive Summary........................................................................................................................ 2 Introduction:.................................................................................................................................... 4 Background of Feasibility Issue:................................................................................................. 4 Purpose of the Report.................................................................................................................. 4 Scope of the Report..................................................................................................................... 4 Sources of the Report .................................................................................................................. 5 Discussion of Findings.................................................................................................................... 6 How is Medical Identity Theft Done and Why is it Done?......................................................... 6 Has There Been an Increase in Medical Identity Theft? ............................................................. 7 What measures are taken by medical facilities to prevent medical identity theft? ..................... 9 What measures should patients take to protect themselves from medical identity theft?......... 11 Factual Summary / Conclusions: .................................................................................................. 14 Recommendations:........................................................................................................................ 16 References..................................................................................................................................... 18
  • 4. 2 Executive Summary To determine if medical identity theft has been on the rise since the implementation of electronic health records, instructor Bill Ebbesen requested a study be done to determine if this is true. I researched information from several reliable sites which included scholarly journals, textbooks, internet, and videos to assess information about medical identity theft, and will present my findings and recommendations. Several reasons were stated in the documentation why thieves would steal someoneā€™s medical identity. One of the reasons was to receive medical care for themselves because they were not able to afford their own. They may want access to prescriptions for themselves or sell them to make money. Supplies can also be obtained and re-sold. Many times, the stealing of medical identity is for profit and the people who commit this crime are very good at accessing patient information by hacking into someoneā€™s medical records. All they need is some personal information about the patient such as a social security number. Employees who are careless with protecting electronic devices or not following guidelines could allow hackers access to their databases. Information can be hacked into and sold. To carry out this study, information was obtained from research reports from the Poneman Institute that noted a rise in medical identity theft after the push to go to electronic medical records. Todd Feinman, who is a security expert, was interviewed for an article for ā€œObesity Fitness & Wellness Weekā€. He felt that going to electronic health records has escalated medical identity theft. The Identity Theft Resource Center stated that medical identity theft has risen at a larger pace than other businesses. Since medical identity theft has escalated, medical facilities need to be proactive in protecting themselves and their patients. Several sites outlined ways that facilities can do this by protecting electronic devices and computers. Making sure all electronic devices and computers are locked and password protected, by verifying patientā€™s information when they come to their facility, doing a complete background check on new employees, and thoroughly training all employees to make sure they are knowledgeable about all guidelines, will help to prevent medical identity theft.
  • 5. 3 The study also determined that patients should be made aware of how medical identity theft could affect them. A patient can do things to help prevent this from happening to them. They should always check their bills to make sure an unusual charge is not showing, they should not share personal information especially over the phone, and insurance cards and other personal identification should be kept in a safe place. It is important for patients to go onto their account to look for discrepancies or ask for a copy of their medical records to verify everything is correct. Patients should also be aware that allowing someone they know to use their medical identity to receive service is a crime.
  • 6. 4 Introduction: To determine if medical identity theft has been increasing since the implementation of electronic health records, instructor Bill Ebbesen requested a feasibility report to address this issue. Background of Feasibility Issue: With the cost of medical care always rising, and with medical facilities transitioning to electronic health records, medical identity theft also has been on the rise. Transferring to electronic health records by medical facilities since the ā€œAmerican Recovery and Reinvestment Act of 2009ā€ and the ā€œAffordable Care Act in 2010ā€, there has been an increase in breaches electronically of patientsā€™ personal information. The stealing of medical identity and selling the information tends to be very profitable for thieves. A patientā€™s medical record contains a great deal of personal information including credit card numbers from health savings accounts. Employee errors are a big reason for medical identity theft. The main cause of medical identity theft is from hacking into a patientā€™s account. Medical identity theft has increased significantly in the last several years. Medical facilities need to put measures in place and have thorough training of all staff to help prevent patientsā€™ information from being stolen. Patients should also be made aware of what could happen, and the measures they need to take to protect themselves. Purpose of the Report Since all medical facilities will need to transfer to electronic health records, this has motivated thieves to find ways to access the information. The purpose of this proposal is to analyze why medical identity theft is being done and how it is being done. The goal is to set up a plan and have procedures in place to guard against medical identity theft. Scope of the Report This proposal describes how medical identity theft is done and why it is done. It also discusses the increase in medical identity theft and how it relates to the transition to electronic health records. The measures that facilities use to prevent medical identity theft is also addressed in this report as well as what patients can do to protect themselves. However, the report does not cover commercial identity theft or credit card fraud.
  • 7. 5 Sources of the Report The sources used for compiling this report included library based journals and articles. Internet magazine articles were also useful. I utilized two video sources as well. The majority of the information was gained from secondary sources. The reason these resources were used was because of the large amount of information available. I did not include first-hand opinions because I felt they could be biased.
  • 8. 6 Discussion of Findings How is Medical Identity Theft Done and Why is it Done? According to Kieke (2009), ā€œMedical identity theft is the inappropriate or unauthorized misrepresentation of individually identifiable health information for the purpose of obtaining access to property or services, which may result in long-lasting harm to an individual interacting with the health care continuumā€ (p. 51). Some reasons why someoneā€™s identity is stolen are: a person wants to receive health insurance benefits for themselves using another personā€™s information, an employee of a medical facility gets paid for selling the information, or by people who are trying to obtain drugs for themselves or to sell them for profit (Kieke, 2009). Harry B. Rhodes, who is director of Practice Leadership for the American Health Information Management Association (AHIMA), asserted that ā€œThese people are very quick about itā€ when he discussed medical information being stolen. He talks about how after the information is taken, a large amount of false claims are submitted using the identity of the person whoā€™s information was stolen. Many times, the medical identity information is sold (Kieke, 2009, p. 52). According to McNeal (2014), thieves who steal medical records are able to have entrance into all the patientā€™s pertinent information including access codes and safety questions that are on file. Gaining access to a social security number could allow the thieves to make costly purchases in the patientā€™s name. Criminals who hack into medical accounts are able to receive more money selling health insurance information than what is received from the sale of credit cards. It is not uncommon for thieves to obtain services for medical procedures, medical equipment, and prescriptions using someone elseā€™s identity (p. 20). Employees who do not follow correct procedures are one of the main reasons for medical identity theft. Three quarters of medical facilities have determined that the carelessness of employees is the reason their data is hacked. Human error is a big part of the problem. Electronic devices need to be secured and password protected. If someone is careless, a patientā€™s personal information could be accessed even though the security system for the network and computers is secure (McNeal, 2014).
  • 9. 7 Below figure 1 shows the main types of medical identity theft and the corresponding percentage per type. The percentage shows from 2007 through 2014, but for ā€œemployee negligenceā€, the data was only compiled for years from 2012 through 2014 (Identity Theft Resource Center, 2015). Types ofMedical Identity Breaches % from 2007-2014 Hacking 21.7% Data on the Move 15.9% InsiderTheft 12% Accidental Exposure 12% Subcontractor/ Third Party 11.2% Employee Negligence 9.5 ( for yearsfrom 2012-2014) Figure 1 (Identity Theft Resource Center, 2015) Has There Been an Increase in Medical Identity Theft? An academic article states that ā€œmedical identity theft spiked 22 percent in 2014. Medical identity theft is projected to continue to rise. Actions need to be taken by medical facilities to safeguard themselves. The article noted a need for cyber liability insurance for medical providers to cover damages if their systems are hacked (Medical ID Theft Increases, 2015). According to an article from Obesity Fitness & Wellness Week, Todd Feinman, who is a security expert, felt the movement to electronic records will cause a greater chance of medical identity theft because many providers are not taking the needed precautions (Obamaā€™s Support, 2009). ā€œWhy Medical Identity Theft is Rising and How to Protect Yourselfā€, referred to information from the Identity Theft Resource Center which determined that medical identity theft has risen higher than other businesses. Medical records contain important personal information including credit card and social security numbers. Computer generated attacks have been focusing on medical facilities. In fact, nearly 100 % of health care facilities have had their medical records hacked in the last few years. Almost half of companies who have a working relationship with the medical facilities have also been hacked (Shin, 2015). According to a video from the Wall Street Journal, ā€œMedical Identity Theft on the Riseā€, medical identity theft has been increasing the last few years. Thieves will steal someoneā€™s medical identity and use the information to get medications or have medical procedures. The patient will
  • 10. 8 not realize what has happened until they get a bill for a procedure they have not had or notice something in their medical records has changed. The problem has gotten so severe that a group of major insurance companies have formed the ā€œMedical Identity Fraud Allianceā€ to help fight this problem. The Department of Justice and Health and Human Services are the federal agencies who are focusing on examining the increase in medical identity theft. Some facilities have implemented a scanner to screen the patientā€™s fingerprints to verify a patientā€™s identity. A medical facility in California was involved in a plot to defraud Medicare and Medicaid by arranging to have people be seen at the clinic under the stolen identities and receive a prescription which would later be sold illegally. A physician at the facility was arrested for health care fraud and conspiracy (Zelevansky, 2015). More medical facilities have been transferring to electronic health records since the American Recovery and Reinvestment Act of 2009, and the Affordable Care Act in 2010, causing a larger chance of cyber-attacks. Criminals also feel that it is easier to access health care accounts versus other businesses (Shin, 2015). Since the implementation of the ā€œHealth Insurance Portability and Portability Act of 1996 (HIPAA)ā€, the duties of the privacy officer changed. Facilities transferring to electronic health records has required the privacy officer to have a better technological background. Their role has become more involved with more responsibilities including making sure staff are well trained and in compliance with all guidelines. Another important part of a security officerā€™s job involves making sure security is in place to prevent unlawful access to the electronic health records, reviewing and revising procedures, and training staff on correct guidelines (Dimick, 2012). Furthermore, the textbook, Health Information Management Technology: An Applied Approach, stated that the nationwide health information network (NHIN) and the implementation of electronic health records, has increased medical identity theft. It stated that ā€œelectronic systems with multiple centralized and decentralized databases could facilitate both the commission and hiding of this crimeā€ (Sayles, 2014, p. 739).
  • 11. 9 Figure 2 shows the increase in medical identity theft from the year 2010 through 2014. The chart shows an increase from 15% in 2010, and by 2014 it had increased to 28% which is a 13% increase in four years. The article compiled the information from a study that was done by the Poneman Institute (Munrow, D., 2015). Figure 2 (Munrow, D., 2015) Finally, Rick Kam, who is president of ID Experts, stated the FBI feels thieves receive more money selling stolen medical health insurance information than the price they would receive for selling social security cards (Shin, 2015). What measures are taken by medical facilities to prevent medical identity theft? Stealing someoneā€™s medical identity is not a difficult task. All the thief needs would be part of the personā€™s personal information or a personal document or card, for instance, a social security card. Even a copy of someoneā€™s insurance card would be enough to steal their medical identity (Weinstock, 2015). Because of the increase in medical identity theft, it is important for medical facilities to have measures in place to protect their patientsā€™ medical identity. Some of the ways this can be done would be: protecting who has access to the patientā€™s records, verifying a patientā€™s identity in the 15% 15% 19% 23% 28% 0% 5% 10% 15% 20% 25% 30% 2010 2011 2012 2013 2014 Increase in Medical Identity Theft % comparison
  • 12. 10 reception area by checking picture identification, and verifying personal information. Employees should receive thorough training in processes to prevent identity theft. It would also be beneficial to pre-register the patient before their visit and get pre-authorization from their insurance company (Weinstock, 2015). While verifying documentation is extremely important, protecting the electronic health record is essential. Using a protected server is mandatory and information sent by e-mail should always be encrypted to prevent hackers from accessing the information. Computers should be locked and pass-codes should be used. Electronic devices should be protected from being stolen (Weinstock, 2015). Training documents should include clear instructions on how employees should protect their patients from having their identity stolen. Employee training should be ongoing and they need to fully understand HIPAA guidelines. Areas where patientsā€™ information is kept should always be secure from non-authorized people. Patient documentation should never be left unattended. Asking for a driverā€™s license and a valid insurance card during registration should be required. The associate should verify the information with the patientā€™s electronic record (Weinstock, 2015). An employer should make sure a prospective employee is completely vetted before they are hired. New employees should only have security for the jobs they are trained. Only authorized staff should have access to certain information and areas of the facility. Employees should be thoroughly trained in how to notice discrepancies in medical records or in documents. If anything does not seem right, completely evaluate the situation (Weinstock, 2015). Medical identity thieves are becoming savvy at accessing electronic health records. Medical facilities need to be vigilant in protecting themselves and their patients by following federal and state regulations as required (Weinstock, 2015). In addition, in the textbook ā€œHealth Information Management Technology: An Applied Approachā€, they talk about instances where doctors were also having their identityā€™s stolen. The thieves use the stolen credentials to charge medications and other health care equipment or services that have never happened (Sayles, 2014).
  • 13. 11 Therefore, the book emphasizes that health care locations need to determine how thieves are capable of accessing information so they can set up procedures to protect themselves and their patients from medical identity theft. Most facilities follow HIPAA guidelines, but it is not enough. It is important that new employees receive extensive screening before being hired. The book stated that ā€œThe problem becomes almost unsolvable in the context of secondary releases of false information for insuranceā€ (Sayles, 2014, p. 739). According to Rhodes (2015), ā€œThe Federal Trade Commissionā€™s (FTC) Red Flags Rule requires organizations to develop and implement a formal, written identity-theft-prevention program with the purpose of detecting the warning signs, or ā€˜red flagsā€™ of identity theft throughout their operationsā€. He talked about a huge instance of medical identity theft that occurred at Anthem insurance company where assorted patient personal information was stolen. The information was hacked, and it went on for almost a year. Setting up these red flags could have alerted the company to the breach. Many health care providers are unaware of the severity of medical identity theft. A shortage of employees was another issue. Many times a facility does not have enough trained staff employed to support an effective privacy plan (p.28). Medical facilities should screen for unusual changes in a patientā€™s medical records. Changes in personal identification like a birthdate could signal something is not right. Procedures need to be in place to determine how to proceed and what to watch. Using computer applications with privacy settings will help to pick up problems and stop unauthorized use. The software can pick up repetitions in use that can signal a breach (Rhodes, 2015). Per the article, with more and more medical facilities transferring to electronic health records, it will increase the movement towards medical identity theft. Medical facilities need to be attentive to protect their patients (Rhodes, 2015). What measures should patients take to protect themselves from medical identity theft? Medical identity theft can cause real problems for patients. It can not only cause financial problems with unauthorized medical expenses, but it could even affect the patientā€™s health if someone elseā€™s medical information ends up in their health records. For instance, if the patient needed to have a blood transfusion and their blood type was changed, it could end up being fatal (Andrews, 2016).
  • 14. 12 Warning a patient about medical identity theft is a good procedure for medical facilities to follow. Sometimes patients do not fully understand the consequences of sharing personal information. Keeping personal documents like insurance cards in a secure place and not sharing them, is information a facility should make the patient aware of. A patient should check their medical account periodically to monitor it for unusual activity and request medical invoices and records to examine them for discrepancies (Weinstock, 2015). Figure 3 shows some of the ways patients learn about Medical Identity Theft. The graph shows the percentage of ways they first learn about having their medical identity accessed (Praskac, A.,2012). Figure 3 (Praskac,A., 2012) Discovering medical identity theft can be difficult. Patients should not divulge their personal or medical data to anyone. The article states that patients should go over the explanation of benefits letter completely. It is also important to go over any paperwork or charges received from providers and insurance companies. Even checking your credit report was suggested. All 46% 30% 16% 9% 9% 5% Victims First Learn About Medical Identity Theft Receipt of Collection Letter Discover Mistake in Health Records Drop in Credit Score Alert for Health Care Provider Errors Posted to Medical Invoices Data Breach Notification
  • 15. 13 personal identification cards should be protected and not shared. It would be a good idea to inquire about the reason any requests are made for the information. Sharing upcoming medical procedures on social media is not recommended. A criminal can find other information online and use it to set up a medical account in your name. There have even been instances of other family members stealing their relativeā€™s identity to receive health care. Almost half the people surveyed for the article said their identity was stolen by a relative or an acquaintance. If a patient allows someone to use their medical information, it is a federal crime. Some people feel they are just helping someone out who doesnā€™t have health insurance, but should be aware that it could cause them legal problems (Andrews, 2016). According to the video, ā€œMedical ID Theft on the Riseā€ regarding a study from the Poneman Institute, the rise of medical identity theft is up to over 2 million people. The film mentioned how the majority of people do not even realize their identity has been stolen until several months after, and one third of the people never even realize it had happened. Medical identity theft costs patients a lot of money to correct the problem and it is also time-consuming (Medical ID Theft on the Rise, 2015). Educating the patient on how they can protect themselves is important. Inform them how important it is to verify that all their medical information is accurate and to inquire if they have questions or concerns (Merisalo, 2008).
  • 16. 14 Factual Summary / Conclusions: Medical identity theft is happening to obtain medical insurance benefits by either someone in need of insurance or by individuals who are selling the information for profit. Another reason would be for obtaining drugs or medical supplies which also can be sold for profit. Gaining access to someoneā€™s medical identity opens up many avenues for thieves. Stealing someoneā€™s medical identity is more profitable than from the sale of stolen credit cards. Thieves have learned how to access someoneā€™s medical identity electronically by gaining access to some of the patientā€™s personal identifiers such as social security numbers. If thieves gain access to a patientā€™s insurance card, they will be able to obtain all the patientā€™s personal identifiers. A careless employee who does not follow guidelines set in place by the facility could open up a path for patients to have their medical identity stolen. Any electronic device used by an employee should always be secured and computers should be password protected and not left unattended when the employee walks away. Any e-mails sent should be encrypted. There has been an increase in medical identity theft in the last several years. Medical identity theft has risen higher than identity theft has in other commercial businesses. Projections show that this increase will continue to grow. Some of the breaches of medical identity include computer hacking, data moving from one location to another, someone from the inside helping the thieves for profit, accidental exposure, carelessness by a subcontractor or third party vendor, and employee negligence. Medical records contain valuable information on patients like birthdate, address, phone numbers, even credit card numbers. Almost all medical facilities have had their medical records compromised in the last few years. Thieves have been focusing on hacking into medical facility computers. Since more medical facilities have been converting to electronic records, this has motivated thieves to hack into medical accounts. Thieves feel they have an easier time accessing health accounts than they do accessing other businesses. Because of the many integrated and regionalized databases available, it makes it easier to hide the misdeeds.
  • 17. 15 Many medical facilities hire security or privacy officers to oversee security at their locations to make sure procedures are in place. The servers used by the facility should be protected. Employees receive training to follow guidelines set up to prevent medical identity theft. The reception desk is trained to verify the appropriate information to determine the patient who is being seen is the person showing in the account. Facilities hire employees that have been thoroughly screened. Warning flags signal to the staff if something is amiss so they can investigate it further. Patients should be educated and aware of ways to protect themselves from having their medical identity stolen. Many times they do not realize their identity has been stolen until they receive a bill that is for something they never received. Patientā€™s need to be made aware of how important it is to be careful about sharing their personal information. Even having the wrong information on their medical records could be dangerous to their health. Going over bills from their provider or from their insurance company could show if any information is incorrect.
  • 18. 16 Recommendations: With medical identity theft on the rise it is important for medical facilities to use proper measures to make it harder for thieves to access patient information. Based on the findings in this report the following are the recommendations: 1. A medical security officer should be used to oversee all areas by making sure the server is secure and that the firewall is working. 2. The facility should implement technical fraud prevention measures and software that will flag possible breaches. 3. The data should be encrypted to prevent hackers from accessing patient information. 4. All employees should receive thorough training in appropriate procedures for handling of patient information. 5. Password protection should be used on all computers and electronic devices. 6. Computers should never be left unattended with patient information showing. 7. Areas of the facility should be secure and only personnel with the correct credentials should be allowed in the secured areas. 8. The reception area should be thorough in verifying patient information and matching it to what shows on the patientā€™s account. 9. A photo ID should be scanned into each patientā€™s account to help with the identification process. 10. All HIPAA guidelines should be followed by the staff. 11. New staff should be thoroughly vetted before being hired. 12. Vendors should also be scrutinized and informed on policies in place by the medical facility so they also follow correct guidelines. Patients should also be educated on ways to look for medical identity theft. They should be told to monitor their medical records to make sure everything is correct and to contact the medical facility immediately if it is not. They should also check over all statements from the facility and from their insurance company to confirm there are no unauthorized charges. It is extremely important to educate patients to protect their personal information such as their social security and insurance cards. If they receive a call asking for some personal identifiers, it should be
  • 19. 17 questioned further and they should keep to a minimum the information they share. The Medical facility should never ask the patient over the phone for their complete social security number. Monitoring their credit report is also advisable.
  • 20. 18 References Andrews, M. (2016, August 25). The Rise of Medical Identity Theft. Consumerreports.org. Retrieved from: http://www.consumerreports.org/medical-identity-theft/medical-identity- theft/ Dimick, C. (2012, April). The New Privacy Officer: Journal of AHIMA 83, no.4. Retrieved from: http://bok.ahima.org/doc?oid=105340#.WNgI1fkrLIV Identity Theft Resource Center (2015, January 12). Identity Theft Resource Center Breach Report Hits Record High in 2014. Retrieved from: http://www.idtheftcenter.org/ITRC- Surveys-Studies/2014databreaches.html Kieke, R. L. (2009). Although a Relatively New Risk Area, Medical Identity Theft Should Not Be Taken Lightly. Journal Of Health Care Compliance, 11(1), 51-74. Retrieved from: http://applibproxy.fvtc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true &db=buh&AN=36097369&site=eds-live McNeal, M. (2014). HACKING HEALTH CARE. (cover story). Marketing Health Services, 34(3), 16-21. Retrieved from: http://applibproxy.fvtc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true &db=buh&AN=98169038&site=eds-live ā€œMedical ID Theft Increases Doctors Bewareā€. (2015, March 11). States News Service. Retrieved from http://applibproxy.fvtc.edu/login?url=http://go.galegroup.com/ps/i.do?p=AONE&sw=w &u=foxvtc&v=2.1&it=r&id=GALE%7CA404795380&sid=ebsco&asid=6daf4efdefe415 b2261a5e7153733ef3
  • 21. 19 ā€œMedical Identity Theft: Patient access first in line to manage the nation's fastest growing crimeā€. (2008). Health Care Registration: The Newsletter for Health Care Registration Professionals, 17(9), 1-11. Retrieved from: http://applibproxy.fvtc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true &AuthType=cookie,ip,cpid&custid=s6254798&db=c9h&AN=32022412 Munrow, D. (2015, February 23). New Study Says Over 2 Million Americans Are Victims of Identity Theft. Retrieved from: https://www.forbes.com/sites/danmunro/2015/02/23/new- study-says-over-2-million-americans-are-victims-of-medical-identity- theft/#7d7825115a05 Obama's Support for Digital Health Records May Increase Identity Theft. (2009, May 23). Obesity, Fitness & Wellness Week, 199. Retrieved from http://applibproxy.fvtc.edu/login?url=http://go.galegroup.com/ps/i.do?p=AONE&sw=w& u=foxvtc&v=2.1&it=r&id=GALE%7CA200018567&sid=ebsco&asid=1a23efeed71b005 ecf192caa6b5ddc76 Praskac, A. (2012, February 21). Amy on Organizing Records. Landmark Studies by the Poneman Institute. Retrieved from: http://www.ontherecordorganizing.com/amy-on- organizing-records/medical-identity-theft-statistics Rhodes, R. (2015). How red flags, policies and technology can catch medical identity theft. Health Management Technology, 36(4), 28-29. Retrieved from: http://applibproxy.fvtc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true &AuthType=cookie,ip,cpid&custid=s6254798&db=cmedm&AN=26357777 Sayles, N. (2014). Health Information Management Technology: An Applied Approach (4th ed.). American Health Information Management Association.
  • 22. 20 Shin, L. (2015, May 29). Why Medical Identity Theft Is Rising And How To Protect Yourself. Forbes. Retrieved From: https://www.forbes.com/sites/laurashin/2015/05/29/why- medical-identity-theft-is-rising-and-how-to-protect-yourself/#6df638e13608 Video: Study: Medical ID theft on the rise. (2015, February 25). Local Broadcast Video Content. Retrieved from http://applibproxy.fvtc.edu/login?url=http://go.galegroup.com/ps/i.do?p=AONE&sw=w& u=foxvtc&v=2.1&it=r&id=GALE%7CA402990111&sid=ebsco&asid=5ed9c04f0789669 d69f8e70bf84b9caf WEINSTOCK, D. (2015). Is Your Practice at Risk for Medical Identity Theft? Are you taking the proper steps to prevent this crime?...Reprinted with Permission from The Journal of Medical Practice Management, Nov/Dec 2014, pgs 168-170. Podiatry Management, 34(8), 123-125. Retrieved from: http://applibproxy.fvtc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true &AuthType=cookie,ip,cpid&custid=s6254798&db=rzh&AN=110454249 Zelevansky, j. (2015, August 7). Medical Identity Theft On the Rise. [Video file]. Retrieved from: https://www.youtube.com/watch?v=PIFasQw336A
  • 23. 21