Imagine being rushed to the hospital with appendicitis, but your medical chart – unbeknownst to you – shows that your appendix has already been removed. That confusion could delay treatment.
What if your blood type is different from what’s in your medical file? Or maybe you have severe drug allergies, but the records have been changed and now show you don’ have any?
This is what can happen to victims of medical identity theft – a rapidly-growing problem that relatively few people know about it.
Medical identity theft takes place when someone uses your name and personal identifying information to receive medical services, devices and/or prescription drugs.
“It’s an insidious crime and the consequences can be deadly,” said Robin Slade with the Medical Identity Fraud Alliance (MIFA). “This fraud causes your medical records to get contaminated by the perpetrator’s medical information, so it could literally kill you.”
And this crime is on the rise – up 20 percent within the last year, according to a new national survey from the Ponemon Institute which specialized in privacy issues.
“We don’t think this is an anomaly,” said chairman Dr. Larry Ponemon. “We think this crime is becoming more popular with criminals because a medical record is actually more valuable than other forms of personally identifiable information, like a credit or debit card record.”
This study, conducted by Ponemon for MIFA estimates that nearly two million Americans have become victims of this crime. They will spend more than $12 billion in out-of-pocket expenses this year alone to deal with the consequences of their compromised medical or insurance files.
With most forms of identity theft, you realize you've been the victim fairly quickly. It doesn't take long to discover that a thief stole your credit card number and went on a shopping spree.
Medical identity theft, like an undetected tumor, can grow without your knowledge.
“It may be years or decades later that you find out that your medical record has changed, putting you a great peril,” Poneman told me.
And that discovery can come as quite a shock.
Nikki Gordon was 17 when she tried to donate blood at her high school in Portland, Ore., and was turned away because her medical records erroneously showed she had AIDS.
“I was flabbergasted,” she told me. “And my mother was irate.”
Gordon knew she did not have AIDS and pushed for an explanation. Eventually, she was told that someone in California with the disease had used her Social Security number for treatment.
A blood test proved Gordon did not have AIDS, but it took a great deal of work over the course of many years to get her records corrected.
“With life insurance and health insurance and all of those things, if that false information ever got out, it could potentially be very damaging,” she said. “I got lucky; this could have gone in a very different direction.”
Victims sometimes help the perpetrators
Another key finding of this study: some “victims” of medical identity theft aren't victims at all.
In fact, a third of the medical identity theft victims in this survey said they knowingly gave their personal medical information to a family member, relative or friend who needed medical treatment they could not afford.
“Sharing medical credentials this way is not viewed as a crime by some, but rather as a good deed,” he said.
Of course, this “Robin Hood” mentality drives up the cost of health insurance for everyone. And it’s still fraud.
It’s going to get worse
Fraud experts say steps must be taken now to vaccinate the American people against this threat to their health. They predict the problem will get bigger as more people get health coverage under the Affordable Care Act and the use of electronic health records continues to grow.
“The ubiquitous shift to electronic storage of records in the medical industry, not just on electronic health records systems, but on medical devices and mobile apps as well, has resulted in greatly increased consumer vulnerability,” explained Eva Velasquez, president and CEO of the non-profit Identity Theft Resource Center (a member of MIFA). “These challenges are not insurmountable at this time, but we must unite to develop technologies, strategies and policies to ensure the safety of consumer data.”
There are things you can do right now to protect your personal health information:
- Review your Explanation of Benefits (EOBs). The EOB is the statement you get from your doctor or other medical provider whenever you make an office visit or receive treatment. Many people don’t double-check them, especially if their insurance is paying the bill. Ensure the doctors listed and services provided are accurate. If you find an incorrect item, even if no money is owed, contact your insurance company immediately.
- Obtain your “benefits request” annually. Your insurance provider can provide a list of all benefits and services paid in your name, which you can review to confirm all the services listed were received.
- Safeguard your insurance-related paperwork. Shred your Explanation of Benefits or file it in a secure location.
- Report lost or stolen health insurance identification cards. Alert your insurance carrier of misplaced, lost, or stolen cards to avoid unauthorized use.
- Be vigilant when providing your personal or insurance information. Be sure you’re dealing with a reputable healthcare provider. Be cautious when offered free medical services. Often fraudsters use this as a way to obtain your health information.
- Review your credit reports annually. You have a right to request a free annual credit report from each of the three credit bureaus. Check to see that your reports are free of any medical liens.