Per the Ponemon Institute, medical identity fraud occurs when someone uses an individual’s name and personal identity to fraudulently receive medical service, prescription drugs, and goods. It also includes attempts to commit fraudulent billing. Based on the Ponemon Institute 2013 study, an estimated 1.84 million adult-aged Americans or close family members at some point in time became victims of medical identity fraud.

An estimated 2.3 million individuals were impacted by medical identity theft in 2014, a 21.7% increase over the numbers from 2013. Medical identity fraud is continuing to increase every year.

How would I know if a patient has become a victim?

Per the Federal Trade Commission, victims may:

  • Get a bill for medical services they didn’t receive
  • Be contacted by a debt collector about medical debt they don’t owe
  • See medical collection notices on their credit report that they don’t recognize
  • Find erroneous listings of office visits or treatments on their explanation of benefits (EOB)
  • Be told by their health plan that they’ve reached their limit on benefits
  • Be denied insurance because their medical records show a condition they don’t have

Impact of Medical Identity Fraud on Patients

Medical identity fraud can have severe and long lasting effects on patients. Here are some anecdotal examples of the consequences of medical identity fraud:

A retired postal worker from Houston was arrested for purchasing over 1700 opioid drugs after her wallet containing her driver’s license and health insurance card was stolen at a gas station. Fortunately, she had reported the theft to the police and had a police report.

In Utah, a pregnant woman stole a medical identity to gain medical care. When the baby was born with drugs in its system, the department of social services tried to take away the victim’s 4 children, not realizing she was a victim of medical identity fraud. A DNA test helped to get her name off the infant’s birth certificate, but it took years to get her medical records corrected.

A museum worker in California found out that his brother had been using his social security number and healthcare insurance card for years after he was turned down for a new credit card. He says his credit report contained listing after listing of unpaid debt—for his brother’s hospital visits and treatments over the years. Eventually, the brother was arrested and pleaded guilty to 10 counts of criminal impersonation in California. He’s facing more charges in Washington state for allegedly stealing his brother’s identity there as well.

Medical Identity Fraud Alliance (MIFA), a group of several dozen healthcare organizations and businesses working to reduce the crime and its negative effects reports that about 20 percent of victims indicate that they got the wrong diagnosis or treatment, or that their care was delayed because there was confusion about what was true in their records due to the medical identity fraud.

Unlike credit card fraud, victims of medical identity theft can suffer serious financial consequences. The average out-of-pocket cost of a single identity theft incident is $13,450. Based on this statistic, medical identity theft is estimated to cost the healthcare industry over 30 billion dollars a year. Ponemon also found that it took an average of more than three months for victims to even detect the fraud, and more than 200 hours to undo the mess.

Download "Why Does Medical Identity Fraud Still Happen?"

What Providers can do to help prevent Medical Identity Fraud

As a provider, you are responsible for your medical identifiers to the extent you can protect them and mitigate your vulnerability to theft. The following strategies can protect yourself and your practice include:

1. Actively manage enrollment information with payers

You can actively manage enrollment information with payers by updating them about material enrollment changes, especially when:

  • Changing banking information
  • Opening, closing, or moving practice locations
  • Separating from an organization

2. Control unique medical identifiers

Train your staff on the appropriate use and distribution of your medical identifiers, including when not to distribute them. All written prescriptions must include security features like a watermark or thermal ink that shows any attempt to alter a prescription, and industry-recognized design features that prevent counterfeit prescriptions.

Take additional reasonable precautions. Keep prescription pads locked up when not in use, and do not leave them visible in your car.

3. Engage patients in a conversation about medical identity theft

As a provider, you are in an excellent position to raise awareness with patients about medical identity theft and the problems and dangers associated with it. Most patients automatically receive medical bills and an Explanation of Benefits (EOB) following an appointment. By reviewing bills, they may spot medical identity theft by identifying services they did not receive. Encourage patients to review their EOBs, including their Medicare Summary Notices and Medicaid bills.

4. Monitor billing and compliance processes

Adopting sound billing practices is an extremely important strategy and cannot be overemphasized. Keep aware of billings in your name and pay close attention to the organizations to which you assigned billing privileges. This includes:

  • Actively reviewing organizational remittance notices and comparing them with medical record documentation
  • Documenting any conversations with someone else about billing issues
  • Monitoring mid-level provider activities and charting them to ensure that documentation supports billed services
  • Reading all documents before you sign them and keeping copies
  • Reporting suspected fraud

5. Implement a biometric identity system for patient authentication

Adding Biometric technologies and smart cards to register and authenticate patient identities displaces the error ridden and privacy compromising demographics-based approaches currently deployed for patient identification. Biometric technologies used at every patient interaction can eliminate medical identity fraud. To learn more about the Privasent Absolute Identity solution combining biometric security and smart cards for patients, contact us today.



How to Report Medical Identity Fraud

If you think that you may be the victim of medical identity theft, contact:

  • Your Local Law Enforcement
  • Your State Medicaid Agency
  • Federal Trade Commission (FTC) Identity Theft Hotline Phone: 1-877-438-4338 (1-877-ID-THEFT) TTY: 1-866-653-4261 Website:
  • HHS OIG Hotline Phone: 1-800-447-8477 (1-800-HHS-TIPS) TTY: 1-800-377-4950 Fax: 1-800-223-8164 Email: Website:
  • Your Regional HHS Office Click on your region for the appropriate contact information, and then notify the regional office