Medical Identity Theft – Personally Devastating and Costly

According to the U.S. Department of Health and Human Services (HHS), since it started keeping records in 2009, the medical records of between 27.8 million and 67.7 million people have been breached. Each of these individuals is at risk for medical identity theft. "Medical identity theft is a growing and dangerous crime that leaves its victims with little to no recourse for recovery,” said Pam Dixon, the founder and executive director of World Privacy Forum. “Victims often experience financial repercussions and worse yet, they frequently discover erroneous information has been added to their personal medical files due to the thief's activities.” Hospitals rely on the honor system, taking patients at their word for who they are. Unfortunately false documents are easier to obtain than you would think. In addition, unscrupulous healthcare professions could be the culprits, submitting false claims in your name. The federal government has passed two laws to protect patient confidential information: the Health Insurance Portability and Accountability Act (HIPAA), originally passed in 1996, and the Health Information Technology (HITECH) Act of 2009. Together they layout what healthcare providers and affiliated businesses are required to do to protect confidentiality of patients. HHS can impose a civil fine of between $100 and $50,000 for each failure of a business, institution or provider to meet privacy standards, up to a maximum of $1.5 million per year. A person who knowingly violates HIPAA faces a criminal fine of $50,000 and up to a year in prison. If the perpetrator tried to sell the information for “commercial advantage, personal gain or malicious harm,” he or she could face a $250,000 fine and up to 10 years in prison. Unfortunately absolute patient identity does not seem to be a top [...]

Do we Need a National Healthcare ID? Not Necessarily

I have been following a rather raucous LinkedIn discussion in the HIMSS Group entitled: "Is it time for a unique patient identifier?" In a corresponding blog post, Dr. Arlen Meyers stated that the there were four reasons that we do not yet have a unique patient identifier. Here at Malta Systems, we have developed a healthcare identification system called Privasent that addresses all four problems described by Dr. Meyers. 1.  Concerns about privacy, confidentiality and data security. Americans simply don't trust industry or the government with their health information, given the repeated reports of data breaches and security leaks. Privasent uses a combination of a smart card linked with a palm scan. The patient is scanned at each healthcare encounter, each time a patient checks in for care. Privasent authenticates the patient’s unique identity and presents the correct medical records for this healthcare facility. Privasent does not link demographics with their unique identity, so it presents no privacy risk. Other biometric registration-only solutions rely on demographics to index biometrics compromising patient privacy. Privasent stores the encrypted biometric associated with the medical record number for this particular health care facility. 2.  The EMR industry is resisting change and does not want to take on the added costs of standardizing their platforms to allow seamless data integration using UPIs. An encrypted identity is associated with each of the patient’s EHRs each time the patient authenticates with Privasent providing a foundation for linking disparate records among the providers information systems as well as among providers in an HIE. Privasent’s encrypted identities are associated with the patient’s medical record number at each care provider, enabling an accurate record of care delivery with impenetrable privacy protections. Privasent does not actually hold or [...]

Fraudulent Tax Returns: Is Your Personal Data Safe?

April 15th is fast approaching and the whole country is focused on getting their paperwork in on time. Unfortunately, a number of taxpayers will get an unpleasant response from the IRS that they have already paid out their refund. How could this happen? Well one of the fastest growing scams in the identity theft business is to submit fraudulent tax returns. According to Turbo Tax, “In many cases, when someone files a tax return using your Social Security number, you won’t find out until after the second return is filed. The second return could be from you or the person who has stolen your information. When the IRS receives two different returns with the same Social Security number, the return will be rejected if you e-filed or you’ll get a written notice that explains that a return has already been filed if you paper filed your return. “ The Wall Street Journal reported: that the number of IRS investigations jumped 66% in the past year, with the agency initiating 1,492 probes of identity-theft related crimes in fiscal 2013, up from 898 in 2012 and 276 in 2011. The IRS said it is working closely with local law-enforcement officials in more than 35 identity theft task forces nationwide. Medical Identity fraud has become a popular way of gaining access to sensitive information. In Florida, a ring of 5 people plead guilty to using names they got from a medical provider to submit false tax returns.  An Internal Revenue Service investigation identified 226 false claims totaling $775,879 that were linked to the group. Tax fraud is just another in a long list of why healthcare providers should take a good look at the security of their data. [...]

By | 2017-07-29T02:33:47+00:00 Monday, April 7, 2014|Categories: Absolute Identity|Tags: , , , |0 Comments

Managing Medical Identity Theft

Identity theft is on the rise and medical identity theft is fastest growing target according to a recent survey last month by the Identity Theft Resource Center. Breaches of medical records accounted for 43 percent of all records breaches involving personal information reported in the United States in 2013. That is more breaches than those involving banking and finance, the government and the military or education. Medical Identity theft happens when your personal information (i.e., your name, Social Security Number, health insurance number) is fraudulently acquired for the purpose of illegally getting medical services, insurance reimbursements or prescriptions drugs. According to HHS, the theft of a computer or other electronic device is involved in more than half of medical-related security breaches. Twenty percent of medical identity thefts result from someone gaining unauthorized access to information or passing it on without permission. Fourteen percent of breaches can be attributed to hacking. According to information collected by World Privacy Forum, a research group that seeks to educate consumers about privacy risks, thieves steal medical information for a variety of illegal purposes. An identity thief in Missouri used the information of actual people to create false driver’s licenses in their names. Using one of them, she was able to enter a regional health center, obtain the health records of a woman she was impersonating, and leave with a prescription in the woman’s name. A Pennsylvania man found that an imposter had used his identity at five different hospitals in order to receive more than $100,000 in treatment. At each spot, the imposter left behind a medical history in his victim’s name. A Colorado man whose Social Security number, name and address had been stolen received a bill for $44,000 [...]

Identity Theft: Increasing the Cost of Healthcare

Identity theft is a major concern when it comes to patient safety, but fraudulent billing is also a major cause of increased healthcare costs. According to a recent survey last month by the Identity Theft Resource Center, identity theft is on the rise and medical identity theft is fastest growing target. Breaches of medical records accounted for 43 percent of all records breaches involving personal information reported in the United States in 2013. Thieves working with doctors, use the personal information to fraudulently bill insurance companies and Medicare/Medicaid. A Massachusetts psychiatrist created false diagnoses of drug addiction and severe depression for people who were not his patients in order to submit medical insurance claims for psychiatric sessions that never occurred. One man discovered the false diagnoses when he applied for a job. He hadn’t even been a patient. An identity thief in Missouri used the information of actual people to create false driver’s licenses in their names. Using one of them, she was able to enter a regional health center, obtain the health records of a woman she was impersonating, and leave with a prescription in the woman’s name. A  Miami-Dade family was eventually convicted of bilking $14.5 million from Medicare by charging for bogus medical equipment orders such as hospital beds, oxygen tanks and foot arch supports. Three Cuban American brothers were accused of defrauding the U.S. government's health insurance program by billing $110 million in false claims for HIV drug-infusion treatments at their dozen Miami-Dade clinics. Medicare paid their companies about $84 million in reimbursements between 2001 and 2004, according to federal authorities and court records. After they were indicted on fraud charges they used their Cuban passports to travel from Miami to the Dominican [...]

By | 2017-07-29T02:33:47+00:00 Tuesday, March 11, 2014|Categories: Absolute Identity|Tags: , , , |0 Comments

Malta Systems Attends the 2014 Utah Technology Council Legislative Meet and Greet

This year's UTC Legislative Meet & Greet at the State Capitol Rotunda was a great success with twenty UTC member companies in attendance, including Activecare, Adaptive Computing, Catheter Connections, CenturyLink, Cranium Café, Durham Jones & Pinegar, Instructure, iSchool Campus, Pluralsight, Privasent by Malta Systems, ProPay, School Improvement Network, Spillman Technologies, STEM, STEM Academy, StorageCraft, USTAR, Wasatch Clean Energy, Waterford Institute, and WhiteClouds. The Malta Systems product education team was in full force showcasing the healthcare identity solution, Privasent. With over 80 attendees and 30 legislators in attendance, Malta Systems was thrilled for the excellent opportunity to chat with many of the Utah State Legislators about the exciting possibilities and identity protection that comes with using the Privasent solution. View our photo set on Facebook: View Our Facebook Post by Privasent. [/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

By | 2017-07-29T02:33:47+00:00 Friday, March 7, 2014|Categories: Absolute Identity, Smart Card Tech|Tags: , , |0 Comments

Smart Cards for Identification in the Hospital

Every day thousands of people use ATMs across the country at shopping malls, gas stations and convenience stores. We all know the security tips of keeping them safe; don't use a machine if it looks tampered with, keep your PIN safe, don’t use your birthday as your PIN, don’t write down your PIN anywhere. We feel safe using an ATM because we have what is called two-factor authentication. The two factors are: something you have and something only you know. In this case it is a bank card and a PIN. Two-factor authentication is the standard for all bank transactions and it helps us feel safe about using ATMs. The average ATM transaction is about $60. Now, let's compare this to a hospital, where the average transaction is to the tune of $1600. Even with this incredible price tag, we still rely on paper-based demographic authentication at hospitals and other healthcare providers. Usually you give the hospital registrar your driver’s license and insurance card for identification. Some hospitals require a utility bill to further verify the address. The true problem with this paper-based demographic authentication is that all of these things can be borrowed, counterfeited, or just plain stolen causing invalid or fraudulent records at the healthcare facility. According to the Smart Card Alliance, over 140 million smart cards have been issued by hospitals around the world to identify patients. Smart cards use sophisticated “Chip and PIN” public key cryptography technology, also known as the Europay, MasterCard and Visa, or EMV standard. Smart cards are highly secure and are used worldwide in applications where the security and privacy of information are critical requirements. If you add a personal biometric to the mix what you have is [...]

You’re Not as Unique as You Think

We all think we are unique, one of a kind and of course we are. No one else is exactly like me, but that does not mean that I don’t share my name with others. According to there are 317,472,858 people in the United States and 7 share my name (I’m almost unique). But if your name is Don Brown, there are 1,178 of you and if it is John Smith, there are 45,904 of you. Have you ever thought of how hard it is for your healthcare facility to make sure they have the right person when they pull up your medical record? According to the office for the National Coordinator for Health Information Technology, more than 195,000 deaths occur in the U.S. each year due to medical errors, 60 percent of which are attributable to improper patient identification. Imagine the difficulty of keeping patients straight when a hospital system might be dealing with several million individuals. Human error on both sides of the registrar’s table can cause duplicate or inaccurate records. Many people have very similar names or use middle names or nicknames and fail to consistently give out the same name. Registrars are people and sometimes misspell a name or reverse numbers in birthdates. Each of these things can lead to improper patient identification. Invalid patient healthcare identification can create duplicate records for an individual, billing errors and mismatch of health records that jeopardize patient safety. Malta Systems, Privasent Absolute Health Identification system is a combination of truly state-of-the-art security protocols and patented Malta Systems technologies, enabling Privasent to protect patients from duplicate accounts and inaccurate records. Privasent combines biometric technologies and smart cards to register and authenticate patient identities displacing the error ridden and privacy compromising demographics-based approaches currently deployed for patient identification. Learn more about protecting your healthcare identity with [...]

By | 2017-07-29T02:33:47+00:00 Friday, February 21, 2014|Categories: Absolute Identity|Tags: , , , , |0 Comments

National Patient Identifier on the Horizon?

National Patient Identifiers have been sparking a lot of discussion in the blogosphere in the last few months. Last month a Forbes article posited that a “128-Byte Data Field” identifying an individual could save lives and millions of dollars. On the same day, March 25, 2013 a petition was added to the “We the People” website requesting that the Obama Administration “Ask Congress to no longer prohibit the Department of Health and Human Services from establishing standards for a unique patient identifier.” The Petition goes on to remind us that in 1996 the Health Insurance Portability and Accountability Act (HIPPA) required Health and Human Services (HHS) to “adopt national standards for electronic healthcare transactions” and “a standard unique health identifier for each individual, employer, health plan, and health care provider for use in the healthcare system.” In 1998 Congress passed Public Law 105-277 that prohibited HHS spending any funds to “promulgate or adopt any final standard … providing for, or providing for the assignment of, a unique health identifier for an individual … until legislation is enacted specifically approving the standard.” It was not until 2006, that the Centers for Medicare and Medicaid Services (CMS) started assigning a National Provider Identifier. EHRs to Save the Day? It was once thought that moving to Electronic Health Records (EHRs) would solve a lot of health care problems. While it has helped, it has not proven to be the silver bullet. Dr. Farzad Mostashari, head of the HHS/ONC recently stated in congressional testimony, that, “As of February 2013, more than 230,000 providers — nearly 43 percent of the nation’s eligible professionals, and over 75 percent of eligible hospitals – have earned over $12.6 billion in total payments for meeting the requirements of the EHR Incentive Programs.” [...]