HOT TOPICS >> ARRA | Recovery Audit Contractors | Women in Health IT | Collections | Bond Ratings | Charity Care
Medical identity theft challenge just beginning
As healthcare providers, you already have an obligation to protect patient healthcare data strenuously, something demanded not only by HIPAA and other laws, but by every form of legal ethics as well. That being said, it's no fun when you're forced to consider yet another set of security issues that might come into play when protecting your patient data. Unfortunately, that's what you're facing with the specter of medical identity theft.
It's definitely a challenging problem. How many industries have to face the possibility that the person who's enjoying their services isn't who they say they are?
Clearly, the FTC already is on the case, issuing rules that are supposed to help healthcare organizations--and other businesses--develop policies for dealing with identity theft. But I suspect that administrative remedies focused on detection of bad actors are just the beginning. In the future, hospitals may need to do a great deal more to verify that they're treating the right patient, including:
* Biometric scanning: If you want to make sure you've got the right person, retinal scans are hard to beat, as are fingerprint scans. A bit pricey, perhaps, but they may become a necessity.
* Security challenges: As is common when people want to access data or services in the financial industry, make patients answer a one or two-question challenge that requires them to answer personal questions from their medical history accurately, such as "I've had the following surgical procedures: a) open heart surgery, b) gallbladder removal, c) C-section, d) plastic surgery."
* Financial verification: Make sure that the person knows some financial details only the account holder is likely to know, such as the last deposit and the last withdrawal they made from their bank account.
I'm not a security expert--I cite these only from personal experience in how institutions verify my identity--but you get the point. Medical identity theft is a sufficiently potent threat in which security measures that seem extreme today may well become necessary in the future. If it sounds like some dystopian novel, well, I can see your point, but sometimes tough times call for tough measures.
What do you think? Is the industry likely to reach the point where we have to screen patients this intensely? Have you been running into medical identity theft for the purposes of stealing services from your facility or practice, and what are you doing about it? I'd love to learn more. - Anne
P.S. Over at blog Hospital Impact, blogger Tony Chen has offered his list of six implications of the financial meltdown for hospitals. It's worth a read.
Finally, if you have a minute, please click on the following link to take our short survey. It's your chance to tell us about your background and how FierceHealthFinance can better contribute to your success. Three minutes and some clicks of your mouse are all it takes. TAKE THE SURVEY -->
Comments
By The real Danny Lents - IdTheftAwareness.com | Posted 3:04pm | October 1, 2008
Your suggestion to identify a patient through queries about details they should know is an excellent starting point to expose a potential ID thief and it shouldn't cost much to implement.
I wish there was more focus on Medical Identity Theft.
www.IdTheftAwareness.com
By Earlb | Posted 1:28pm | October 3, 2008
I agree that Medical Identity Theft is on the increase. It is also hard to detect. Having a patient provide a picture form of identification will help. Along this line, why not have a .jpg picture of the patient added to the computer record and a picture on their medical card? These two combined will go a long way to help avoid medical identity theft. You get a picture on your drivers license, credit card and also other cards you carry.
You can also get an identity theft and restoration service that monitors the five areas of identity theft like I have. I have the legal service and Identity Theft Shield from Pre Paid Legal Services. You can check them out at www.decidehere.com. There are other services out there. I have found this to be the best combination of services. Do the research your self.
By Martin Ethridgehill | Posted 10:01pm | December 8, 2008
I agree that pictures are a great starting point - until I read the article whee staff at an office made acopy of the drivers license, but made no effort to "match" it to the person standing there for treatment: in this case a closer look would have revealed the imposter.
Later, when the real person walked in to dispute, the photocopy was correct for th person standing there this time. Copying records andmatchinginformation will never be more effective that the operator.
That being said, if health care is bound and determined to become dependant on systems that do not require thought: then mass utilization of biometric verification is the ticket.
Post new comment
Home
| Subscribe | Advertise | Mobile Edition | RSS |
Privacy
| Site Map | List in Marketplace | Supplier MarketplaceTHE FIERCEMARKETS NETWORKFierceFinance | FierceFinanceIT | FierceComplianceIT | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceMobileHealthcare | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceGovernmentIT | FierceBiotech | FierceBiotech Research | FiercePharma | FierceVaccines | FierceBiotechIT | FiercePharma Manufacturing | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceVoIP | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe | FierceCable© 2010 FierceMarkets. All rights reserved. |
 |