Identity theft, including medical identity theft, is a growing threat in the United States. Unfortunately, too many consumers, healthcare providers, and businesses of all types and sizes ignore this threat.

The latest statistics still show that one out of four consumers have their identity stolen, equating to about 11.6 million identity theft victims a year. It’s also estimated that some sort of data breach will affect one out of ten consumers, and one out of eight patients will become a victim of medical identity theft.

The cost of identity theft is devastating. Hackers and thieves buy Social Security numbers for just $1.00, but you’ll spend thousands of dollars and countless hours recovering your identity. On the other hand, a person’s medical identity averages just $50, but insurance companies and the patients affected could spend millions in recovery costs.

All It Takes is the Right Data

Identity thieves only need a few key items to steal an identity. A Social Security number, name, date of birth, and a driver’s license number can reveal everything a thief needs. Thanks to the Internet, identity thieves can go to work doing reverse lookups and other searches using the limited information they find, and then gather the other data they need to steal your identity.

Thieves have several outlets at their disposal to steal identities, including:

• Dumpster diving (or your own trash cans)
• Stealing mail
• Check washing
• Stealing wallets and purses
• Performing telephone and email scams
• Obtaining death records

It’s Not Just Professionals

Identity theft is not just perpetrated by professional thieves. In fact, relatives and friends of victims—and even healthcare workers—steal identities every day. Cyber thieves are the most common in data breaches and system hacks.

Everyone is at Risk for Identity Theft

While the elderly are common targets of identity theft, they’re certainly not the only people at risk. Elderly individuals are, however, at higher risk because most are not computer savvy, do not know how to check their credit reports, and are more trusting, which means they’re more likely to fall victim to scams.

The second most vulnerable group is children. Children have clean credit slates and most parents are not proactive at monitoring their child’s credit report. Parents can, however, sign up their children for CreditKarma.com to keep an eye on their credit profile. Also, parents should teach their children to never share personal information (including dates of birth and Social Security numbers) with people they don’t know.

The deceased are also at risk for identity theft. Sadly, thieves look for obituaries to find the information they need to steal the deceased person’s identity. Since most family members do not check the credit of their deceased loved ones, it can be years before the identity theft is ever noticed.

Veterans are also at risk. Because they leave the United States for extended periods, serving their country, thieves take advantage of the fact that they’re unlikely going to check their credit report.

Lastly, people who use social media unwisely are at risk for identity theft. This is because they publicly broadcast their personal information and leave it ripe for the taking by identity thieves.

Medical Identity Theft Cases Are on the Rise

While identity theft is a common occurrence, medical identity theft is growing quickly as well. It’s estimated that 5.8 percent of identity theft cases are medical identity theft crimes—and most arise from medical data breaches. But medical identity theft is also dangerous. It can result in not receiving the right type of treatment due to incorrect medical records, which can lead to adverse reactions and, worse, death.

Preventing Identity Theft

There are many steps you can take to protect yourself from identity theft. While there isn’t a 100 percent effective method to prevent it, these steps are proven to limit the likelihood of your identity being stolen in the future.

• Become a member of ID360, the only identity theft protection company that’s run by law enforcement and recovers your identity after it’s stolen.
• Shred everything that has your name, address, and personal information on it (including junk mail).
• Place a fraud alert with credit bureaus so that they scrutinize new credit accounts.
• Use a gel pen so that your checks and signatures cannot be washed.
• Never put your Social Security number on documents and do not carry your Social Security card with you.
• Review your credit reports annually and look for any unauthorized applications or accounts.

You must take your prevention steps even further to prevent medical identity theft:

• Always check your explanation of benefit documents you receive in the mail, and make sure the services you are charged for were actually received.
• Request and review an annual “benefits paid” statement from your insurance company.
• Keep copies of your own health records for reference.
• Never share your insurance card with anyone.
• Shred medical documents when they are no longer relevant.
• Do not take advantage of free medical care or surveys.
• Report a stolen insurance card immediately.
• Never throw away prescriptions with your name on it.

What to Do When Your Identity is Stolen

There are things you can do to lessen the impact identity theft and medical identity theft have on your life:

• Call 877-ID-Theft and speak to the FTC immediately.
• Call your local police department and file an official report.
• Put a fraud alert on your credit report with all three credit bureaus, and then freeze your credit so it can no longer be used.
• Get copies of all three credit reports.
• Cancel all credit cards in your name.
• Contact your bank and give them copies of your official reports, and freeze your checking and savings accounts.

For more information about how you can prevent identity theft and medical identity theft from happening to you, visit The Identity Advocate. You’ll learn all of the ways you can protect your identity and how to recover it when it’s stolen. You can also contact the identity theft experts at The Identity Advocate by calling 310.831.4400.

Do you know how easy it is to infiltrate, expose, and compromise any type of health care agency? Identity theft can easily happen right under your nose, so the best defense is a good offense. Know your rights and know how you can protect your business by performing an employee criminal background check for prospective employees during the hiring process. Unfortunately, as crime statistics for identity theft continue to soar, an employee criminal background check is more important than ever before for corporations and physician’s offices of any size.

Any employee can be a potential thief, so an employee criminal background check should be conducted on every new hire, whether it is a full time in home caregiver or a temporary /transitional caregiver. As the aging baby boomers discover it is better to have in-home care, and now economy continues to recover, more agencies are hiring more employees, it’s important to know the “do’s and don’ts” of an employee criminal background check. An employee criminal background check ensures that you are protected from identity theft predators or opportunistic criminals masquerading as enthusiastic job applicants. There are many things to consider when performing an employee criminal background check, including the components, laws, and processes necessary to ensure a new employee can be trusted with sensitive information.

What’s Included in an Employee Criminal Background Check?

Every employee background check also includes a thorough employee criminal background check. Some of the information is public and some is private, but all of the information is important in assessing a job applicant. Although the type of information checked varies from state to state and county to county, an employee criminal background check can include:

• Credit, driving, criminal, education, medical, drug test, court, military, and bankruptcy records
• Social Security Number
• Vehicle registration
• Property ownership
• Past employment
• Professional and personal references

All of this information is invaluable, but one aspect that is often overlooked is the credit report. A poor credit rating makes the average applicant a higher risk for identity theft. Additionally, research shows that one in four disputes over information on an employee criminal background check is connected to identity theft issues, so take every precaution to thoroughly evaluate every prospective employee’s credit and criminal records.

Are There Employee Criminal Background Check Laws?

Yes! They vary by state, but the Federal Fair Credit Reporting Act (FCRA) set national standards for performing an employee criminal background check. The law only applies to an employee criminal background check conducted by a consumer reporting agency, which is a firm that administers the employee criminal background check on your behalf. If you decide to perform an employee criminal background check in-house, make sure you follow your state’s background check laws carefully. Remember: Employees have rights, too!

According to the FCRA, some information cannot be reported in an employee criminal background check:

• Accounts in collection longer than seven years
• Paid tax liens beyond seven years
• Bankruptcies after ten years
• Arrest records, civil suits, and civil judgments after seven years

Employee Criminal Background Check: An Overview

Follow this employee criminal background check “cheat sheet” to safeguard your company from identity thieves and potential criminals in the workplace:

• Who: Every employee!
• What: A comprehensive employee criminal background check that abides by all applicable laws
• When: Before an employee is hired
• Why: To protect your business and your employees!
• How: Either in-house or by a consumer reporting agency

If you have questions or need assistance performing an employee criminal background check, don’t hesitate to the contact the experts! It can save your business from disaster. Contact Linda Vincent at 310-831-4400 or connect with her at linda@theidentityadvocate.com

Albany Medical Center was working hard to take care of its patients and bring a higher level of healthcare to the community. According to most patients, the facility was doing a good job of it. Unfortunately, the medical center’s reputation was recently damaged when one of its own nurses was caught stealing patient identities.

With the help of her boyfriend, a nurse stole over 50 patient identities and applied for hundreds of credit cards in their names. The two identity thieves were eventually caught red-handed with a collection of patients’ names, home addresses, Social Security numbers, credit cards, and gift cards.

Sadly, this is just one of numerous cases in which nurses swiped patient identities for personal financial gain. As a medical facility or administrator, it’s your duty to protect your patients from identity theft. After all, more importantly than harming your reputation as a trusted healthcare provider, medical identity theft puts your patients’ lives at risk. Here’s how to safeguard your facility.

Be Strict About Hiring

Implement well-defined hiring practices to weed out potential threats. For example, run extensive background checks on each applicant to make sure there is no history of criminal activity or association with criminals. Also, only hire personnel that can show their qualifications and have a long list of references—references you actually check up on as well. Reference checks are important for every position, but especially for the nurses who will have regular interaction with patients and their private information.

Stick to Regulations

Your patients are at risk every time employees don’t explicitly follow established protocols and federal privacy regulations. This, of course, includes adhering to the rules governing protected health information under HIPAA. Patient records are a goldmine for identity thieves. They contain all of the information they need to easily commit medical identity theft—names, addresses, birthdates, and Social Security numbers. Patient files may even include credit card information for billing purposes. Make sure you follow all of HIPAA’s strict guidelines for how patient information should be handled to reduce the likelihood of that data falling into the wrong hands.

Implement Control Systems

Set up control systems to eliminate opportunities for medical identity theft to occur at your facility. This includes considering both human and electronic security measures. Create an extensive set of policies and procedures that safeguard patients’ personal information:

• Hire an identity theft protection company that specializes in not only preventing medical identity theft from happening in the first place, but also recovering patient identities after they’re stolen.
• Develop a secure IT network that only allows authorized users to access patient records. Require complex passwords to login to the network, and only share them with those employees who need access.
• Configure computer systems containing patient records to automatically logout a user when a workstation is unattended.
• Add security screens to computers in public areas.
• Hold all members of your staff accountable for complying with HIPAA laws.
• Require staff to participate in annual competency training to keep their patient privacy skills up-to-date.
• Never leave patient records unattended in unsecured areas.
• Regularly shred and securely dispose of printed patient records.
• Audit your system regularly to see which records have been accessed and by whom. If you notice patient records have been accessed after hours or have been accessed repeatedly, call those employees in to question.
• If resources allow for it, hire a full-time privacy and security officer responsible for monitoring, tracking, and protecting patient privacy.

Prevent Medical Identity Theft

If your system is breached and patient identities are stolen, hire a professional identity theft investigator to run the investigation. They stay current on all of the latest medical identity theft methods, and use techniques to quickly find the identity thieves. The last thing you want to do is let the identity theft drag on, putting more patients in harm’s way.

Ultimately, as a reputable medical facility, you have a responsibility to keep your patients’ identities under lock and key. Failure to do so not only threatens patients’ health and finances. Identity theft also has far-reaching legal and financial implications that can put you out of business.

Don’t let identity thieves—whether employees or people outside the organization—wreak havoc in your medical facility. Visit The Identity Advocate for more tips and to learn how to set up a medical identity theft protection plan for your business.

Department of Justice

A Southern California man who ran a durable medical equipment (DME) supply company has been found guilty by a federal jury in Los Angeles for his role in a $1.5 million Medicare fraud scheme.

Acting Assistant Attorney General David A. O’Neil of the Justice Department’s Criminal Division, U.S. Attorney André Birotte Jr. of the Central District of California, Assistant Director in Charge Bill Lewis of the FBI’s Los Angeles Field Office and Special Agent in Charge Glenn R. Ferry of the Los Angeles Region of the U.S. Department of Health and Human Services Office of Inspector General (HHS-OIG) made the announcement.

Vahe Tahmasian, 36, of Glendale, Calif., was found guilty on March 21, 2014, in U.S. District Court in the Central District of California of one count of conspiracy to commit health care fraud, six counts of health care fraud and six counts of aggravated identity theft.   Sentencing is set for June 9, 2014.

The evidence introduced at trial showed that between April 2009 and February 2011, Tahmasian operated a Medicare fraud scheme at Orthomed Appliance Inc. (Orthomed), a DME supply company in West Hollywood, Calif.   Tahmasian and his co-conspirator, Eric Mkhitarian, purchased Orthomed from the previous owners and put the company in the name of a straw owner.   The defendant and his co-conspirator then stole the personal identifying information of Medicare beneficiaries and doctors in the company’s patient files and used that information to submit a large volume of fraudulent claims to Medicare.   The evidence showed that during a three-month period in late 2010, Tahmasian submitted more than $1.2 million in fraudulent claims to Medicare for services that were never prescribed by a physician and never provided to the Medicare beneficiaries.   Tahmasian and his co-conspirator then took out more than $622,000 in cash from the company over a six-week period in early 2011.   The evidence at trial showed that Tahmasian used a fake California driver’s license during the course of the fraudulent scheme.   Tahmasian submitted a total of $1,584,640 in claims to Medicare and received approximately $994,036 on those claims.

Mkhitarian, Tahmasian’s alleged co-conspirator, remains a fugitive.

The case was investigated by the FBI and the Los Angeles Region of HHS-OIG and brought as part of the Medicare Fraud Strike Force, under the supervision of the Criminal Division’s Fraud Section and the U.S. Attorney’s Office for the Central District of California.  The case is being prosecuted by Assistant Chief Benton Curtis and Trial Attorney Alexander Porter of the Fraud Section.

Since its inception in March 2007, the Medicare Fraud Strike Force, now operating in nine cities across the country, has charged more than 1,700 defendants who have collectively billed the Medicare program for more than $5.5 billion.   In addition, HHS’s Centers for Medicare & Medicaid Services, working in conjunction with HHS-OIG, is taking steps to increase accountability and decrease the presence of fraudulent providers.

To learn more about the Health Care Fraud Prevention and Enforcement Action Team (HEAT), go to: www.stopmedicarefraud.gov .

Many of us use medical devices to monitor a variety of health issues—everything from sleep apnea to heart conditions—to help keep us safe and sound. What many of us don’t realize is that these devices make us more vulnerable to medical identity theft and healthcare fraud.

Unfortunately, unlike regular forms of identity theft, a medical data breach can have life-threatening consequences. Ironically, the same device that can save a life can also be used by an identity thief to put someone’s life at risk.

So while medical device technology continues to drive innovations in the healthcare industry, we need to be vigilant to prevent identity theft at every turn. Identity thieves are resourceful and just as innovative with their techniques—often striking before the industry has had time to catch up with new security measures.

Identity Thieves Have Their Eye on Healthcare

Personal information is the lifeblood of an identity thief, and nothing could be more personal than your medical information. After all, your medical records can contain even more sensitive information than your financial records, making them prime targets for identity thieves. In fact, while someone’s credit card records sell for about $2.00 on the black market, medical records sell for an average of $20.00. With these financial incentives, it’s no surprise that medical identity theft is on the rise, claiming 1.84 million victims in the U.S. in 2013.

The Risks of Medical Identity Theft

Medical identity theft occurs when thieves use your personal information and your health insurance to receive medical services. They may have prescriptions filled under your name or attempt to fraudulently bill your health insurance provider to receive a refund. And since they are impersonating you when they receive every medical procedure and prescription, this information is recorded on your own medical history. You’re on the hook both financially and medically, and the results can be disastrous.

Consider, for example, that you have an allergic reaction to a medication. Your allergy has been well-documented in your records so physicians know to avoid it. However, if you suddenly find yourself in a medical emergency and doctors are looking at someone else’s records, they may very well give you medication that could make a bad situation worse.

How Your Medical Devices Put You in Danger

Medical monitoring devices such as insulin pumps, implanted defibrillators, CPAP machines (used for sleep apnea), medical alert devices, and even baby monitors could put you at higher risk for medical identity theft. This is because these devices connect to hospital networks, home health networks, smartphones, wireless connections, and other sources. As they attempt to transmit over these connections, a skilled hacker can intercept the data and access a medical device—and any history or personal information associated with it.

What You Can Do to Protect Yourself

If you have a medical device, speak with the manufacturer and/or physician that issued it. Find out what measures they are taking to protect your medical information, and how they safeguard the networks that are connected to your device. What are their data encryption standards? What about password protection protocols? How do they respond to a data breach? If they can’t answer these questions, you should consider switching companies and/or doctors.

With threats only expected to grow as we see more advances in healthcare technology, it’s critical that you take a proactive approach to prevent your medical identity from being stolen. Consider signing up for an identity theft protection plan with a company like ID Theft Solutions, the only one managed by law enforcement that restores your identity back to pre-theft status.

As always, you can also connect with us here at The Identity Advocate to learn more about medical identity theft, and don’t forget to subscribe to our newsletter to have identity theft prevention tips delivered to your inbox every month.

Related Blog Posts:

• The Right Prescription to Prevent Medical Identity Theft
• How to Prevent Medical Identity Theft As Healthcare Reform Rolls-Out
• Are You At Risk For ObamaCare Identity Theft Scams?
• 4 Tips to Prevent Elderly Identity Theft

The launch of healthcare reform begins in October 2013 and has many people worried. Unfortunately, this concern isn’t just about the Affordable Care Act itself. Identity theft experts warn that the already high instances of medical identity theft are set to explode, especially as millions of Americans start looking for insurance options.

They have reasons to worry. Medical identity theft affected 1.85 million Americans this year at a cost of $41.3 billion, according to the Ponemon Institute. As the opportunities for medical identity thieves increase, many more Americans can expect to become targets. The Federal Trade Commission received over 83,000 fraud complaints in 2012 regarding “imposter scams,” in which identity thieves pose as representatives of government agencies to collect personal information. Officials expect these numbers to grow exponentially once the Affordable Care Act begins to roll-out.

The Threat of Healthcare Fraud and Medical Identity Theft

There is a lot of confusion regarding the Affordable Care Act. Signed into law in 2010, enrollment through the healthcare “exchange” begins on October 1, 2013 for coverage starting January 1, 2014. Consumer confusion about the implementation of the law has allowed identity thieves to get a jumpstart on stealing medical identities using information such as Social Security numbers, addresses, Medicare account information, medical history, and other private information.

Gaining access to this information enables identity thieves to fraudulently receive medical care, purchase prescription medications, order medical supplies, and submit false insurance claims—among other forms of healthcare fraud. Although anyone can be a target of medical identity theft, people with the highest risk of fraud include senior citizens, individuals who don’t speak English, and those who have never had insurance coverage or have experienced a lapse in coverage.

One of the latest healthcare reform scams and medical identity theft occurs when a scammer contacts someone and tells him he’s been selected for early enrollment. The scammer poses as a federal employee and tells him that he must supply his personal and financial information, including bank account data, to receive his insurance card. What most consumers are unaware of is that there are no insurance plans or cards directly associated with the Affordable Care Act. Insurance companies, not the federal government, provide these cards, so beware of anyone who asks for this information.

Preventing Medical Identity Theft

Although some medical identity theft is inevitable with the Affordable Care Act, there are ways you can protect yourself and limit the chances of becoming an identity theft victim:

• Be proactive to prevent medical identity theft by signing up for an identity theft protection service such as ID Theft Solutions.
• Never provide or verify personal information over the phone, even if the caller claims to be a federal employee. Federal agencies already have this information on file, so you will never be called to supply it.
• Don’t automatically believe a caller ID screen indicating that a state or federal government agency is calling. Scammers have the latest technology and can display a government agency’s name on your caller ID.
• The government does not send unsolicited emails to request personal information. It only sends correspondence through U.S. mail. You can check the authenticity of a letter by looking up the agency’s phone number yourself and calling it for verification.
• Government employees do not make house calls, nor will they show up at your door requesting information or selling Affordable Care Act-related healthcare plans. Again, legitimate federal employees would already have your information on file.

The best way to prevent medical identity theft as healthcare reform goes into effect is to be aware of the warning signs, stay vigilant, ask plenty of questions, and never hand over your personal information. You can also take advantage of the tools, resources, and advice to avoid medical identity theft by visiting the experts at The Identity Advocate at www.TheIdentityAdvocate.com or by calling 310.831.4400.

What do you do with your empty prescription bottles? What about all of the medical information you receive, such as your explanation of benefits? Being careless with your personal medical information can be dangerous, and the theft of this priceless data can be deadly.

Approximately 1.5 million Americans are victims of medical identity theft each year, a crime that costs the nation $41.3 billion annually. Prescription fraud is a growing form of medical identity theft that is not only extremely costly and time-consuming; it can also put your health at risk and even be life-threatening. Unfortunately, medical identity theft isn’t commonly known by many Americans, and often isn’t detected until it’s too late. When we don’t take precautions to prevent prescription fraud and other forms of medical identity theft, we put ourselves in jeopardy of becoming another victim.

What is Prescription Fraud?
Prescription fraud occurs when identity thieves use your personal information to fill prescriptions in your name. They use your medical identity to receive medical treatment at hospitals and doctors’ offices, obtain medications, and access other healthcare services.

Prescription fraud doesn’t just leave you with a huge bill—it can potentially put your health at risk as well. You may find that false information has been added to your personal health record, such as a change in blood type or supposed allergies. Every medical procedure received and prescription filled by the identity thief becomes part of your medical history, which means you may not be able to obtain the life-saving treatment you need in an emergency medical situation.

Detecting and resolving medical identity theft can be difficult as well. You may not discover that you’re a victim until a pharmacy refuses to fill a prescription because it conflicts with another medication you appear to be taking. To make matters worse, fixing errors in your record can be very challenging due to medical privacy laws. Ironically, the same laws that were implemented to protect your privacy and health information are now protecting the medical identity thief. This restricted access to medical records prolongs the duration of the theft, costing you countless time, money, and frustration.

How to Prevent Prescription Fraud

One of the easiest ways to avoid this type of medical identity theft is simply to be aware of what you throw in the trash. Prescription medication labels carry such sensitive information as your full name and address, the prescribing physician, the type of medication, prescription number, and the pharmacy’s contact information—all of the things a thief needs to perform prescription fraud. Instead of throwing empty prescription bottles in the trash, including the drug information forms, remove the labels and shred them. Other ways to prevent prescription fraud:

• Review every explanation of benefits (EOB). Examine the charges for medical visits or prescriptions you didn’t receive, and report any suspicious activity immediately.
• Never simply toss medical information in the trash. Dumpster divers can easily access your personal information if you fail to shred the documents.
• Secure medical records. Keep your medical records in a safe place inside your home or in a safe deposit box, away from the prying eyes of visitors. Believe it or not, friends and relatives who have easy access to your personal information are often the culprits.
• Safeguard prescription bottles. Hide or lock-up your medication rather than leaving it in plain sight or in a medicine cabinet. This will prevent anyone from walking off with your prescription medication and, later, your identity.
• Manage written prescription slips. Don’t throw them away or leave them out where they can be stolen. These slips are all an identity thief needs to fill a prescription in your name, leave you without your medication, steal your medical identity, and even put your life in danger.
• Enlist the help of an identity theft protection service such as ID Theft Solutions, which can proactively help prevent medical identity theft and even restore your identity when it’s stolen.

Protecting your identity is an ongoing process that takes vigilance. By taking some common sense precautions, you can avoid the exorbitant costs and health risks of medical identity theft. Get more tips for preventing prescription fraud and other types of medical identity theft by visiting The Identity Advocate at www.TheIdentityAdvocate.com or calling 310.831.4400.