THERE’S A NEW TWIST to the crime of identity theft. In a recently issued report, the Federal Trade Commission (FTC) alerted the health- care industry to a new threat. Organized criminal gangs are stealing medical information.
Healthcare workers are frequently part of these conspiracies to steal patients’ medical information. Laboratories and pathology group practices are vulnerable to this emerging threat because they typically provide services to large numbers of patients. They employ workers in such positions as phlebotomy, accessioning, and billing/collections—all jobs which are low-wage, high-turnover, but which often have access to sensitive patient information.
Medical identity theft differs from patient identify theft. Medical ID crooks want information about the victim’s identity and medical resources—such as health insurance coverage—information that allows someone else to access medical treatment using the victim’s identity and medical resources.
The FTC’s report, “Consumer Fraud and Identity Theft Complaint Data, January-December 2005,” states that medical identity theft represents 1.8% of all identity theft cases reported between 2000, the year it began tracking victims’ complaints, and 2005. During 2005, there were 4,746 reports of medical identity theft. This is a 4% increase over the number of complaints in 2004.
By the FTC’s narrow definition, medical identity theft involves the use of a person’s name or insurance information without consent to obtain medical goods or services, or to make false claims for medical services. This definition excludes crimes in which the healthcare employee steals the patient’s information and then uses it to open new credit accounts and run up big bills. Because the FTC’s tally of medical identity theft is based upon consumer self-reporting, the actual numbers of such cases is believed to be significantly higher.
Medical ID Theft Indictment
In September, a federal grand jury in Fort Lauderdale, Fla., named Isis Machado and Fernando Ferrer Jr. as participants in a scheme to steal the personal information of more than 1,100 patients of the Cleveland Clinic hospital in Naples, Florida. Machado worked as a front desk office coordinator for the Cleveland Clinic’s hospital in Weston, Florida. Machado’s cousin, Ferrer, owned Advanced Medical Claims, in Naples, according to the indictment.
Machado used a computer to access patients’ names, birth dates, Social Security numbers, Medicare numbers, and addresses. Ferrer used the data to file fraudulent Medicare claims of more than $2.8 million. He also pro- vided Medicare beneficiary numbers to others who then used those numbers to file fraudulent Medicare claims.
THE DARK REPORT recommends that labs and pathology group practices assess their vulnerability to the crime of medical identity theft. Making it tough for crooks is the best defense, since criminals prefer easy pickin’s over hard work.