Monday, October 3, 2011

Prevent medical identity theft with a degree in Health Information Management

Health information managers (HIMs) are committed to protecting patient privacy and confidentiality by protecting personal health information. Protecting the information contained within the record traditionally involved limiting access to those involved in the patient’s care.

Although this is still the case today, advancement in technology, the growth of electronic health records, and the ability to store data on removable storage devices have all contributed to medical identity theft. Now, HIMs play a vital role in protecting patients in a completely different way -- protecting their identities.

The changing medical landscape and the increasing demand for HIM professionals equates to the need for more health information management training and degree programs, such as the new healthcare degree programs we launched here at Peirce College.

As Assistant Professor and Program Manager of these Health Information Management degree programs, I am always watching trends and issues impacting the education of future HIM professionals.

As we educate the next generation of health information management professionals, we must equip them with the skills and tools needed to protect patient privacy in a world where information is exchanged at a faster pace than ever before. I recently spoke at Doylestown Hospital on this very topic, covering important issues surrounding patient privacy rights and how to protect yourself from medical identity theft.

Medical identity theft is a major issue impacting the healthcare industry today that people aren't always aware of. As defined in “Exploring Medical Identity Theft,” medical identity theft happens when “someone uses an individual’s identifying information, such as their healthcare insurance information or SSN, without an individual’s knowledge or permission, to obtain medical services or goods, or to obtain money by falsifying claims for medical services and falsifying medical records to support those claims.”

As HIMs, we can do our part to minimize the damage and prevent further growth of this type of crime. Typically when we think of identity theft, we think of credit card theft, or of someone sifting through the bills we’ve tossed in the trash.

The good thing (dare I use the word good in this situation) about credit card theft is that there are mechanisms in place intended to protect a victim. It is more traceable. The same is not true for medical identity theft, which today is the fastest growing type of fraud.

Unfortunately, most victims of medical identity theft don’t know they’re victims until they go to the hospital and they’re told that their medical benefits have been exhausted. It is a scary thing, and very difficult to recover from.

Let me give you an example of one especially notorious case of medical identity theft. Isis Machado worked as the front desk clerk in a Cleveland Clinic in Naples, Fla. where she had access to the entire patient registration system, including patient demographic information, such as dates of birth, address, insurer, and insurance policy and group number.

She stole patient information from a great number of people and then sold that information to her cousin, Fernando Ferrer, who used the information to set up a fake clinic and then billed Medicare for false patients receiving false care. Medicare paid. He then closed up the fake clinic, so by the time Medicare caught on, they had already been defrauded. He was later fined.

Unfortunately this kind of case happens so much more often than one might expect. Thieves have realized that stealing medical information is quite lucrative. Pam Dixon, Executive Director of the World Privacy Forum, pointed out in a 2007 BusinessWeek article about medical identity theft that stolen medical records are worth between $50 and $60 on the black market. Easy to see why criminals choose this over the pennies they get for a social security number!

The federal government has responded to this surge in medical identity theft with the implementation of an identity theft prevention program called the “Red Flag Rules.” Originally intended for the world of finance and banking, the healthcare industry now uses the same prevention program. Have you ever received a phone call from your credit card company to confirm that you made that expensive purchase at Best Buy, or that you did in fact charge that hotel room in Paris? These are the Red Flag Rules in action.

The move to protect patients and consumers is growing. There are a number of federal agencies that are working collaboratively to fight medical identity theft, including the Federal Trade Commission's Bureau of Consumer Protection that offers tips for detecting, preventing, and bouncing back from medical identity theft.

Efforts are being made on the state level as well. The Pennsylvania Attorney General's Office has tips for Pennsylvanians about how to protect your medical identity.

This is where the roll of the health information management professional really shines, with respect to protecting the privacy and the confidentiality of medical information. We might not change bandages or administer medication, but we advocate for patients in a different way, by advocating for the privacy of their health information.

Because when identifiable health information is in the wrong hands, it can do horrendous damage. Get the education now that will prepare you to be an integral part in this fast growing industry and make a real difference in the lives of patients and the future of healthcare. Visit Peirce's website to learn more about our healthcare degree programs and the careers you can access with the right education.