Attorney General Kamala D. Harris Issues Guidelines to Health Care Industry on Medical Identity Theft
SAN FRANCISCO -- Attorney General Kamala D. Harris today released guidelines on preventing and remedying medical identity theft, including best practice recommendations for the health care industry and tips for consumers. The guidelines are part of a report, Medical Identity Theft: Recommendations for the Age of Electronic Medical Records, which frames the escalated migration to electronic medical records as an opportunity for the healthcare industry to address this problem.
“Medical identity theft has been called the privacy crime that can kill,” said Attorney General Harris. “As the Affordable Care Act encourages the move to electronic medical records, the health care industry has an opportunity to improve public health and combat medical identity theft with forward-looking policies and the strategic use of technology.”
Medical identity theft occurs when an individual uses someone else’s personal information to obtain medical goods or services. For example, a thief may use stolen information to submit fraudulent bills, a doctor or provider may use patient information to write fraudulent prescriptions or an individual may use someone else’s information to obtain treatment.
The report focuses on the impact of identity theft on the accuracy of medical records and argues that the serious risk that inaccuracies pose is not always adequately addressed by existing healthcare industry procedures.
A companion information sheet for consumers, First Aid for Medical Identity Theft, describes the signs of medical identity theft and provides tips on what to do in response. The signs of possible medical identity theft include notice of a data breach from a health care provider, an unknown item in an Explanation of Benefits from a health insurer, a call from a debt collector about an unfamiliar medical bill and questions about your identity or health conditions at intake in a doctor’s office or hospital.
Key recommendations for health care providers:
- Implement an identity theft response program with clear written policies and procedures for investigating a flagged record.
- Offer patients who believe they may be victims of medical identity theft a free copy of the relevant portions of their medical records to review for signs of fraud.
Key recommendations for insurers:
- Make Explanation of Benefits statements patient-friendly. Include information on how to report any errors discovered.
- Use automated fraud-detection software to flag suspicious claims that could be the result of identity theft.
The report can be found here: http://bit.ly/1eup6NO
The guide for consumers can be found here: http://bit.ly/1gnDICS