Currently, there are two states that allow individuals to prosecute on the grounds of medical identity theft: Colorado and California. Georgia has just signed a bill for the House of Representatives to amend their current identity fraud laws to include medical identity fraud for jurisdiction and prosecution purposes. This is a step forward for Georgia which has the second highest rate for identity fraud in the country. The most identity theft complaints come from Florida, which receives twice the amount of complaints received in Georgia.
When a healthcare information becomes digital, there is an abundance of advantages for patients, doctors and practices. In seconds, providers can target, secure, and identify all types of information about an individual to treat them better and quicker. Also, with the right tools, this information is incredibly useful for population health management (PMH) and predictive modeling when pooled together.
Other uses for health care identity proofing include:
· Secure access to health records
· Secure access to status of applied government benefits and HIE
· Identity provider enrollment
· Risk scoring of providers for fraud, waste and abuse purposes
· Risk scoring for and screening of Medicaid beneficiaries
· Improvement of clinical risk scoring and predictive analytics
· Target disease management efforts
· Increase patient engagement
However, digital strategies and electronic health records (EHRs) also create certain vulnerabilities when applied to data collection. These include overwhelming scalability especially in health care as patient records must be kept for 6 years. There are also compliance regulations, costs, and above all security concerns. Each year in America there are 1.5 million victims of medical identity theft each year, and it is in fact, the fastest growing form of identity theft. From identity and contact information to health history and finances, each patient is exposing their personal information for health care purposes and require heavy protection.
“The fastest form of identity theft is stealing people’s medical and health insurance information to defraud private and public healthcare providers. Similar to financial identity theft, this harms people and drives up the cost of healthcare as medical facilities and insurance companies compensate by increasing rates. Potential identity thieves should consider themselves warned that this type of theft and fraud will be severely punished and not tolerated in our state,” said Sen. Judson Hill (R – Marietta) and sponsor of the Senate Bill 170 in Georgia.
Vulnerabilities and Security issues:
· Many healthcare organizations don’t have sufficient resources or data security experts dedicated to data security, and those that do don’t do yearly audits. 52% of the organizations that conduct one of these audits discover a security breach as a result.
· Compliance Regulations with HIPAA modifications
· Consequences for the Patient include Ruined credit, Loss of health coverage, Inaccurate records, Legal troubles, Higher health premiums, etc
Whether or not identity proofing in a healthcare setting is practiced with each patient, many could agree that other priorities can easily come first. In general, providers do one-on-one relationship basis identity proofing. However one-on-one relationships are not always possible, or a patient may wish to hold an “anonymous” identity. In these cases the provider doesn’t need to know the patient attached to the identity just that it’s the same patient that interacts with the account.
There are official level 1-5 identity proofing guidelines incorporated in technology solutions for digital identity proofing. These can include a simple confirmation of relationship by a provider to biometric captured at registration. Even though it may be a time consuming challenge for states to pass legislation on medical identity fraud as it is for most political processes, technology companies take the lead with prevention. Lexis Nexis recently spoke at the 2013 State Healthcare IT Connect Summit >>Download the Speaking Proposal Form to participate at the 2014 State Healthcare IT Connect Summit), Clint Fuhrman, Director of Government Healthcare presented with Saratu Grace Ghartey, Assistant Deputy Commissioner, NYC Human Resources Administration and Maggie O’Connell, Program Integrity Unit, Arkansas Department of Human Services.
Also, the Health Information Technology for Economic and Clinical Health (HITECH) Act now includes more protection and viewer restriction of patients’ medical records with the Health Insurance Portability and Accountability (HIPAA). Standardized regulation and technology solutions are making it clear that providers can and must incorporate precautions that secure their patients’ information to maintain the sacred patient-doctor confidentiality.view all