<?xml version="1.0"?>
<rss version="2.0">
   <channel>
      <title>Westhill Health Care by Hayley Pittmann</title>
      <link>https://padlet.com/hayleypittmann/healthcare</link>
      <description></description>
      <language>en-us</language>
      <pubDate>2014-08-28 09:13:05 UTC</pubDate>
      <lastBuildDate>2026-01-28 15:59:14 UTC</lastBuildDate>
      <webMaster>hello@padlet.com</webMaster>
      <image>
         <url>http://d262le4z25sx36.cloudfront.net/portraits/smiley.jpg</url>
      </image>
      <item>
         <title>Slashdot News: How to Spot and Prevent Medical Identity Theft</title>
         <author>hayleypittmann</author>
         <link>https://padlet.com/hayleypittmann/healthcare/wish/32406965</link>
         <description><![CDATA[<p><b>Foxbusiness.com | </b><a href="http://www.westhillinsuranceconsulting.com/blog/"><b>westhill consulting insurance</b></a> - While credit card breaches at retailers are grabbing
headlines, identity thieves are quietly homing in on an even more lucrative area: health insurance and medical records. </p><p>More than 1.8 million people in
the U.S. were victims of medical identity theft in 2013, according to a survey
by the Ponemon Institute released in September. That's a 19 percent increase
over the previous year. "Medical identity theft is the fastest growing
component of ID theft," says Drew Smith, founder and CEO of InfoArmor, a
provider of <a href="https://foursquare.com/westhillconsult/">business-to-business</a>
identity theft solutions.</p><p>The latest case involves the
alleged theft by Chinese hackers of 4.5 million medical records from Community
Health Systems, a company that runs 206 hospitals in 29 states. Thieves stole
records including names, addresses, birth dates, telephone numbers and Social
Security numbers. Like any type of identity theft, medical ID theft can damage your
credit and cost you hours of hassles trying to clear it up. But it could also
endanger your life if incorrect information appears on your medical records. &nbsp;Why the bull's-eye? Health information is
easier to hack than credit. In April, the FBI issued a private industry
notification warning to health care providers that their data networks are not
as robust as those in the financial and retail sectors, and "the
possibility of increased cyber intrusions is likely."</p>
<p>Safeguards are in the works, but
the move to electronic records and the health exchanges set up under the
Affordable Care Act, otherwise known as Obamacare, have opened new
opportunities for fraud, both online and off. Experts say Americans can expect
to see medical fraud heat up again in the months before open enrollment for
2015 government-subsidized insurance begins in November 2014.</p>
<p><b>Your medical ID: black market gold</b></p>
<p>Why would hackers bother with
health insurance when they could get a direct line to your pocketbook via
credit cards or financial accounts? "It's very lucrative," says Ann
Patterson, senior vice president and program director at the Medical Identity
Fraud Alliance. "Stolen protected health information can be monetized for
a much greater value than traditional financial account information." </p>
<p>A complete medical identity --
including name, address, phone number, Social Security number, medical
insurance information and access to medical records -- is worth about $50 on
the black market, says Michael Bruemmer, vice president of Experian's Data
Breach Resolution group. "Without medical or insurance information, that
drops to about $10 for someone's stolen information." Bruemmer's group
helped resolve 1,000 health care client breaches last year, including the
largest breach of HIPAA, the Health Insurance Portability and Accountability
Act. </p>
<p>Medical identity theft usually
happens on a large scale, with hundreds or even thousands of identities stolen
at one time. Once hackers have a medical ID, they can use it to procure
prescription drugs or expensive medical equipment or simply to commit financial
fraud -- often for months or years before anyone notices. Why? Partly because
people don't pay much attention to their medical or insurance records. While
most of us wouldn't let a bank or credit card statement go unread, we tend to
ignore the explanation of benefits (EOB) issued by our health insurance after
we have a doctor's appointment or medical procedure. </p>
<p><b>'Friendly' fraud common</b></p>
<p>More than half of all medical
identity theft is what's known as "friendly fraud" or "a
victimless crime," according to the Ponemon Institute study. A typical
example: an uninsured sibling or friend borrows your insurance card for a
procedure, with or without your permission.</p>
<p>In 2013, the Medical Identity
Fraud Alliance interviewed 800 victims of medical fraud. When asked what they
would do differently, half said nothing. "Especially with the Robin Hood
or 'victimless' crime, most people don't think there are consequences,"
says Patterson. "They say it's no big deal." &nbsp;Yet there is no such thing as victimless
medical identity theft. "If your sister has allergies that you don't have
or a different blood type, her allergies and blood type are now comingled in
your records," Patterson says. If you're unconscious and need an emergency
transfusion or injection, that misinformation can kill you.</p>
<p>That kind of consequence comes,
in equal measure, from both friendly and malicious medical identity theft, yet
we continue to be lax about sharing our health information. "As a society,
we just look at health in a very different way than we look at our
finances," Patterson says. </p>
<p><b>Detecting medical fraud before it hurts you</b></p>
<p>Sometimes it takes a questionable
medical bill to alert someone of a compromised medical identity, but even that
doesn't always do the trick. Many people simply ignore such bills from their
insurance companies. By the time a red flag goes up, your insurance may have
been used to procure prescription drugs, black-market medical equipment and
emergency room visits. </p>
<p>The consequences can be
expensive. The Ponemon Institute found that 36 percent of medical ID theft
victims pay to resolve the issue, and their out-of-pocket costs average nearly
$19,000. Even if you don't end up paying out of pocket, such usage can wreak
havoc on both medical and credit records, and clearing that up is a
time-consuming headache. That's because medical records are scattered. Unlike
personal financial information, which is consolidated and protected by credit
bureaus, bits of your medical records end up in every doctor's office and hospital
you check into, every pharmacy that fills a prescription and every facility
that processes payments for those transactions. </p>
<p>Bruemmer expects that will change
soon, with more progressive states raising the bar. "California, in
particular, has the most stringent standard for what constitutes a medical or
health care breach," he says. If an individual's username and password is
compromised on a health care portal there, the provider is required to notify
him or her within five days, Bruemmer says. "I actually think that's the
way the industry is going and there will be more regulations across more
states," Bruemmer says. </p>
<p><b>Compiling a composite identity for the big scam</b></p>
<p>One small breach of information
here and there may not seem like much, but each one could be adding up to
something serious. "Five years ago, most hackers were looking for Social
Security numbers, credit card numbers. They were going for the quick, easy
fraud," says Smith. "Today, they're looking to steal someone's health
credentials, insurance information, credit card account passwords, so they can
continue to monetize victims' identities over a longer period of time."</p>
<p>"Thieves are getting
smart," Bruemmer agrees. "One organization may take a username and
password, another is your credit information, and another is your Social
Security number. The last one may actually get your medical records. What
they're doing is amassing, in three or four incidents over a period of time,
the full identity stream." Bruemmer says, for example, that thieves often
use hacked email accounts to gain personal information. "People say, 'Oh,
it's just the username and password for my email account, I'll just change
that.' You'd be surprised how many people forget and let it go. Then, all of a
sudden, something really bad happens." </p>
<p>As with any organized crime,
fraudsters jump from one channel to the next, as each locks down. "In the
financial world, they jumped from hard checks to electronic to online banking,
and now mobile fraud," Patterson says. "Now they're jumping from
traditional financial channels into health care channels."</p>
<p>Like the RAM-scraping in 2013's
big retail breaches, online medical fraud has become more sophisticated in
recent years. Yet old-fashioned huckstering is alive and well. In July, the owner
of NC Behavioral Health and Counseling Services of Durham, North Carolina, was
indicted for health care fraud, identity theft and 13 other criminal charges
after submitting bogus claims for at least 56 clients. Court records allege
that instead of covering medical services for the patients, the owner spent the
$1 million she received from Medicaid on a Cadillac Esplanade, a Mercedes and a
swimming pool. </p>
<p><b><i>Full story: <a href="http://slashdot.org/submission/3802969/how-to-spot-and-prevent-medical-identity-theft">http://slashdot.org/submission/3802969/how-to-spot-and-prevent-medical-identity-theft</a></i></b></p>]]></description>
         <enclosure url="" />
         <pubDate>2014-08-28 09:14:21 UTC</pubDate>
         <guid>https://padlet.com/hayleypittmann/healthcare/wish/32406965</guid>
      </item>
   </channel>
</rss>
