Medical Identity Theft

Presented by: Sheri Kuebler LaTasha Burley-Fleming Donna Little Gloria G. Potter Atlanta Technical College June 2011

Who is affected by Medical Identity Theft?

Medical identity theft accounts for 3 percent of identity theft crimes, or 249,000 of the estimated 8.3 million people who had their identities stolen in 2005, according to the Federal Trade Commission. This presentation explores medical identity theft and how clinicians, HIM professionals, and others can work together to prevent it and the mitigating damages it causes to so many people.

To create an efficient and well-integrated Electronic Health Record (EHR)environment that clinicians and health information management professionals will eagerly use while preventing and improving probabilities of medical identity theft.

Prevention The prevention and detection of medical identity theft requires diligent monitoring and appropriate response. Responses may include a variety of administrative, technical, or physical safeguards. HIM professionals (as well as privacy and security officers and other organizational leaders), individuals, healthcare organizations, health plans, and other stakeholders who may be affected must work in cooperation to establish prevention and detection programs.

Prevention The first line of defense may well rest with the individual. Individuals are encouraged to practice the same preventive measures for medical identity theft as they would for financial identity theft. Common preventive measures include:  Sharing personal and health insurance information only with trusted providers.  Monitoring the explanation of benefits received from insurers and obtaining a summary each year of all the benefits paid in the patient’s or guarantor’s name.

Prevention  Contacting the insurer and provider about charges for care that was not received, even when there is no money owed.  Maintaining copies of healthcare records.  Checking personal credit history for medical liens.  Demanding that providers and insurance companies correct errors or append and amend medical records to alert a user to inappropriate content.

Prevention

 Questioning “free” medical services or treatments (sometimes illicit entities use the lure of “free” services to obtain names and insurance information for use in fraudulent claim submissions). Individuals should always question what is being offered and who is paying the cost. If not satisfied with the answers, they should decline the offer.

Prevention

 Protecting health insurance information. Individuals should safeguard insurance cards, explanation of benefits, and health plan correspondence in the same way they would safeguard credit cards.  Refusing to provide insurance numbers to telephone marketers or door-to-door solicitors.

Tools to Protect the Patient

 Do not provide your Social Security number to medical personnel/medical office staff.  Do not provide your home address to anyone, anywhere, anytime unless you want that person to visit you at home.  Use a passport, not a drivers license as primary identification.  Provide medical insurance information at the time of receiving medical services, not over the telephone.

Overcome Barriers

Work to identify and overcome barriers clinicians face in using Electronic Medical Records. Specifically, assist clinicians in the technical selection, installation and usage of electronic records in an effort to decrease loss of productivity. Recuperate installation and maintenance costs attributed to the implementation of electronic medical records.

Educate Clinicians

Engage clinicians to share their learning experiences and requirements for EHRs, as well as reach out to help them adopt EHRs. Create an e-health initiative now and for the future that would be an ongoing process to coordinate clinical concerns and issues, and serve for benchmarking activities organization-wide as they relate to EHR adoption.

Biometrics Identification Technology Perhaps one the most efficient means of safeguarding electronic health data is through Biometrics Identification technology. Biometrics Identification technology can be used for either identification or verification purposes. In general, biometric identifiers can obtain exceptional biological information from people for the purpose of confirming individuality, much like a pin number for an debit card or a drivers' license functions. The most frequently known method of biometric identification is fingerprint biometrics, which is used by police forces throughout the United States and in more than 30 countries. DNA identification is also a common and progressively use of biometric technology.

Biometrics Identification Technology

Other biometrical methods of identification include retinal and iris scans, hand geometry, facial feature recognition, ear shape, body odor, brain fingerprinting, signature dynamics, voice verification, and computer keystroke dynamics. Fingerprint biometrics and hand geometry systems are among the systems most ready for widespread use by American authorities. Also, facial recognition biometrics is predicted to do well in airport security.

Biometrics Identification Technology These technologies have many probable uses in the criminal justice system: to develop contact regulator and uniqueness proof in correctional facilities; as an inspective tool for identifying missing and exploited children as well as offenders apprehended by stakeout systems. It can correctly identify people when they cash checks, use ATMs, cross borders into the U.S., sign on to computer networks, or enter secure buildings.

Biometrics Identification Technology Immigration authorities are testing a similar technology as part of immigration and airport security reform. Most Americans surveyed after September 11 expressed their approval for the use of biometric technology by the INS and airport authorities to track down suspected terrorists. The terrorist-watch proposals have focused mainly on facial recognition systems and hand geometry, both of which would center on the use of a "SmartVisa" system. The smart card stores the biological information of a particular subject and when the card is swiped at the border, for instance, the device also records the subject's facial characteristics and/or hand patterns on a small metal surface to verify the subject's identity.

Biometrics Identification Technology The technology would also allow us to safeguard against identity theft as well as identifying people on terrorist-watch lists as they move around the world. Other uses of the technology appear more threatening to the general public. Last year's Super Bowl, a number of U.S. embassies, and the city of Los Angeles are places that have used some form of facial recognition systems. Having their likeness randomly scanned by law enforcement was to many in the general public a clear violation of personal privacy. The public responded with outrage to the camera scanning at the Super Bowl (now known as the "Snooper Bowl"), but its voice was apparently discounted by Ybor City (Tampa) law enforcement.

Biometrics Identification Technology In mid-summer 2001, as a way to deter crime, Ybor City posted signs warning "Area Under Video Monitoring" while 36 surveillance cameras connected to computers randomly compared faces in the crowd to its database of 30,000 images of wanted felons and missing children. Local citizens, the ACLU, and some members of Congress likened the technology to a "virtual lineup." The legal director of the ACLU's Florida chapter, Randall Marshall, questioned the constitutionality of such surveillance operations.

Biometrics Identification Technology Facial acknowledgement programs have been condemned for their imprecisions and undependability. The digitized photographs are highly vulnerable to changes in lighting and facial positioning. Also, the system may not pick up a match if the picture in the database is two or more years old since the technology has a difficult time recognizing the effects of aging. Different hairstyles, the addition of facial hair, or glasses may also fool the system recognition.

Biometrics Identification Technology Iris scanning is another biometric system that has a great likely for widespread use, but the technology for that systems is still in the testing phase as well. Several sites have been established for testing the technology and many have been quite successful. Iris scans were mentioned as a possible factor in the individuality cards proposed by the Home Office in the U.K. after September 11. One of the biggest problems with the technology is the inconsistency of the iris, which changes appearances depending on whether one has been drinking or taking drugs, whether the person is pregnant, and with the variability's of age in general. Recent reports indicate that the most promising area of study and use with this technology is in economic businesses and for medical record keeping.


Over-all, the inaccuracy rate of biometrics devices is reasonably low. The systems are subject to the same kinds of identification mistakes as humans. Biometrics researchers are trying to strike a slight stability between closeness and safety with these systems. The systems can be adjusted to lessen false negative rates, but only at the cost of growing false approval rates. This exchange presents various issues of each system. Biometrics Identification Technology


 Retina scan A retina scan provides an analysis of the capillary blood vessels located in the back of the eye; the pattern remains the same throughout life. A scan uses a low-intensity light to take an image of the pattern formed by the blood vessels. Retina scans were first suggested in the 1930's.

 Iris scan An iris scan provides an analysis of the rings, furrows and freckles in the colored ring that surrounds the pupil of the eye. More than 20 points are used for comparison. Iris scans were proposed in 1936, but it was not until the early 1990's that algorithms for iris recognition were created (and patented). All current iris recognition systems use these basic patents, held by Iridian Technologies.

Biometrics Identification Technology  Face recognition Facial characteristics (the size and shape of facial characteristics, and their relationship to each other). Although this method is the one that human beings have always used with each other, it is not easy to automate it. Typically, this method uses relative distances between common landmarks on the face to generate a unique "faceprint."  Signature Although the way you sign your name does change over time, and can be consciously changed to some extent, it provides a basic means of identification.  Voice analysis The analysis of the pitch, tone, cadence and frequency of a person's voice.

Conclusion: An ounce of prevention Ultimately, no matter how sophisticated the technology or diligent the healthcare provider, patients themselves may be the best first line of defense against medical identity theft. Most of the time, these problems are consumer reported.

While there’s no fool-proof way to avoid medical identity theft, you can take a few steps to minimize your risk.

Conclusion: An ounce of prevention 

Verify a source before sharing information. Don’t give out personal or medical information on the phone or through the mail unless you’ve initiated the contact and you’re sure you know who you’re dealing with. Medical identity thieves may pose as employees of insurance companies, doctors’ offices, clinics, pharmacies, and even government agencies to get people to reveal their personal information. Then, they use it to commit fraud, like submitting false claims for Medicare reimbursement.


Safeguard your medical and health insurance information. If you keep copies of your medical or health insurance records, make sure they’re secure, whether they’re on paper in a desk drawer or electronic in a file online. Be on guard when you use the Internet, especially to access accounts or records related to your medical care or insurance. If you are asked to share sensitive personal information like your Social Security number, insurance account information or any details of your health or medical conditions on the Internet, ask why it’s needed, how it will be kept safe, and whether it will be shared.


Look for website privacy policies and read them: They should specify how site operators maintain the accuracy of the personal information they collect, as well as how they secure it, who has access to it, how they will use the information you provide, and whether they will share it with third parties. If you decide to share your information online, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL that begins “https:” (the “s” is for secure). Remember that email is not secure.


Treat your trash carefully. To thwart a medical identity thief who may pick through your trash or recycling bins to capture your personal and medical information, shred your health insurance forms and prescription and physician statements. It’s also a good idea to destroy the labels on your prescription bottles and packages before you throw them out.

Presented by: Sheri Kuebler LaTasha Burley-Fleming Donna Little Gloria G. Potter Atlanta Technical College June 2011