• E-mail
• Print
• RSS

Conquer identity theft

Patient Access Weekly Advisor, October 3, 2007

Want to receive articles like this one in your inbox? Subscribe to Patient Access Weekly Advisor!

In the healthcare spectrum, two types of theft compromise the integrity of your bottom line and the customers who contribute to it: medical identity theft and theft of patient identity.

Medical identity theft is when an individual steals another person's identity to obtain healthcare services. Theft of patient identity is when an individual steals personal health information (PHI).

The following seven strategies to help protect your organization are from Donna K. Gilley, CCS, CHC, director of revenue cycle and regulatory compliance for LBMC Healthcare Group, LLC, in Brentwood, TN.

1. Ask for identification. A student ID, a driver's license, or any photo identification will suffice. But make sure that you don't jump to conclusions if the name on the driver's license and the name on the insurance card don't match up, Gilley says.
2. Publicize your charity care program. Studies have shown that most offenders commit medical identity theft out of desperation when they truly need medical services but do not have insurance to cover the costs. Make everyone aware that they can receive services and pay on a sliding scale, or perhaps incur no costs at all if they qualify for charity care.
3. Publicize the criminal repercussions. Inform patients that stealing insurance or PHI is against the law. Additionally, insist that your organization prosecutes to the full extent of the law. "If [people] know they can come into your facility and commit a crime and get away with it-even if they're caught-it will do nothing but encourage them to continue doing it," she said. It also sets a dangerous precedent.
4. The rumor mill. Educating staff about potential issues surrounding theft should include posting names of repeat offenders. Just do it discreetly, Gilley said. "Make sure it's out of public sight as that is a violation of HIPAA privacy."

5. Share information with other divisions of your organization. You're not allowed to share information with providers outside of your network unless it's for continuity of care, but it's useful to communicate the identity theft problem throughout your organization, including your sister hospitals and outpatient facilities.

6. Develop a policy for cross-referencing records. Separating a mixed record once the hospital has cared for a patient is one of the challenging responsibilities of the medical records department.

7. Consider including notices at the bottom of the patient's bill. Posting a notice on the bill that asks the patient to call the business office if he or she suspects medical identity theft is an option.

Want to receive articles like this one in your inbox? Subscribe to Patient Access Weekly Advisor!

• E-mail to a Colleague
• Print
• RSS
• Archive