In 2014, hundreds of physicians across the country were notified that their identities may have been compromised due to tax fraud. In some cases, doctors were alerted a tax return had already been filed in their names when submitting their own annual income tax returns.
In others, people received refund checks even before they submitted their tax forms.
In the year and a half since, investigators still aren’t exactly clear as to why physicians were targeted, but there’s supposition that the culprits hacked into medical associations’ membership rosters.
Identity theft has been on the rise for quite some time. According to a survey conducted by Princeton Survey Research Associates International and reported by Bankrate, 41 million American adults have had their identities stolen.
While theft certainly can stem from illicit eavesdropping on financial transactions, medical ID theft is fast becoming a more prolific crime. Consumer Reports found there were approximately 2.3 million cases of medical ID theft in 2014, which was an increase of nearly 22 percent from the previous year.
In fact, cyber security experts assert that medical identity theft is the fastest-growing type of ID theft.
In addition to its increasing frequency, medical identity theft poses a different set of headaches than straight-up financial incidents. Over the years, regulations, including the Fair Credit Billing Act, have been put in place to help protect victims.
Those whose identities have been falsely used to make purchases have limited liability with credit card issuers, and financial institutes are required to follow specific guidelines to reimburse people for illegal withdrawals via ATMs or debit cards. However, fewer regulations address medical identity theft, which oftentimes leaves victims holding the bills.
The Consumer Reports article states that the average financial identity fraud victim in 2015 paid $55 to resolve accounts, while nearly two-thirds of medical identity theft victims dished out an average of $13,500.
Provider ID theft
A majority of medical identity theft cases involve patients whose personal data are confiscated. For example, there have been massive breaches of healthcare and insurance organizations’ records. Unauthorized parties have access to names, addresses, health insurance policy numbers and, in some cases, Social Security numbers.
This information can then be used to open up new accounts, including new insurance policies to obtain medical services. Also included in healthcare files are physician names and identifiers.
Providers face a unique situation when they become victims of medical identity theft. For example, if Medicare fraud is detected as a result of provider medical ID theft, then the victimized physician may stop receiving reimbursements until the situation is resolved. Prescriptive authority also could be jeopardized.
Plus, provider medical identity theft isn’t always apparent. Sometimes the first indication is notification from an outside entity, such as the IRS or an insurance company warning overpayment. Another sign could be calls regarding corporations or business dealings under a different name.
Protecting yourself from personal and medical identity theft
The good news is that there are proactive policies you can instill to protect your practice from provider medical identity theft, either as a permanent employee or as a locum tenens professional, including:
- Avoiding signing blank referral forms
- Keeping payers updated with practice particulars, especially if you change locations
- Monitoring billing and compliance processes
- Checking the Medicare Provider Enrollment, Chain and Ownership System
If you think your provider identity has been hijacked, call the police as well as Medicare (800-MEDICARE) or report it online to the Medicare Office of the Inspector General. The Federal Trade Commission also investigates medical ID theft.
To protect your personal identity:
- Review monthly credit card and bank statements for irregularities or unauthorized purchases
- Use credit cards for all major and online transactions
- Bypass airport and hotel Wi-Fi services when traveling for locum tenens assignments
- Conduct online banking and shopping from secure Internet providers requiring passwords and that have limited exposure to the public
- Look over all medical documents for extra charges
- Check credit reports: Equifax, (800) 525-6285; Experian, (888) 397-3742; TransUnion, (800) 680-7289
If you think your personal identity has been stolen, immediately notify the police and bank and credit card companies. Contact insurance companies and medical providers to correct personal records. You can also sign up for fraud alert services.