Fraudsters steal personal medical data and are treated at your expense: how not to become a victim of fraud

The identities of approximately 11 million HCA Healthcare patients in 20 states have been compromised in a hack. Such medical data can be stolen and used for fraudulent purposes. WUSF.

Photo: IStock

Consumers need to understand that such "medical identification" fraud can occur in several ways, from large-scale hacking to individual theft of someone's data.

Evelyn Miller Story

The first sign that something was wrong was a message Miller received from Emory Healthcare's emergency room telling her that her waiting time for an appointment was between 30 minutes and 1 hour. This is strange, she thought. She no longer lives in Atlanta and has not used this hospital system for many years. She then received a second text similar to the first. Must be spam, she thought.

On the subject: Fraudsters have learned to fake people's voices: now a fake son or daughter can call you and ask for money

When an Emory employee named Michael called her the next day to discuss the diagnostic results of her visit to the emergency room, she knew something was definitely wrong. “It struck me that someone could sign up under someone else’s name and not have ID verification or anything like that,” Miller says.

While the name and date of birth given to her by the employee were correct, Miller's address was not. She now lives in Blairsville, Georgia, a few hours north of Atlanta. Michael said he would fix the problem. The following week, she received a bill from Emory for over $3600.

After an unsatisfactory conversation with someone in the hospital's billing department, Miller sent a letter to the hospital's privacy officer. Miller recalls writing, "I think something is going on, that someone is using my information, these actions seem to be fraudulent."

Emory Healthcare spokeswoman Janet Christenbury declined to comment specifically on Miller's case, but said, "We take these issues seriously and are working with our teams to ensure our processes and procedures are followed."

Miller, 63, a former health administrator, was smarter than most about what could have happened.

The average person is unaware that such a problem may arise until the theft occurs.

Theft of medical information

“Most victims become aware of these scams by accident,” says Eva Velasquez, president and CEO of the Identity Theft Resource Center, a non-profit organization that provides free help to victims of identity theft and identity theft.

For example, someone may apply for a mortgage and find out that their credit is ruined by unpaid bills for medical treatment they didn't receive.

This is a double whammy. Unlike other forms of identity fraud, medical identity thieves can steal not only their victims' personal information - social security number, date of birth, address - but also information about their medical records and care, potentially putting their health at risk.

Like the article? Support ForumDaily!?

“Sometimes people can't get their prescriptions if their records are mixed with someone else's,” Velazquez says. -You may not be able to get the treatment you need. Serious consequences are possible."

The theft can only affect one person whose insurance card was stolen or "borrowed" to pay for medical services. This can happen as a result of a data breach, as happened with HCA Healthcare. Although such large-scale hacks are more likely to be used in financial fraud schemes than to obtain medical care, experts say.

Compared to other types of identity fraud, medical identity theft is rare. In 2022, for example, the Federal Trade Commission received 27 identity theft reports, and the number of identity theft reports related to new credit card accounts exceeded 821.

Medical identity theft also manifests itself in different ways.

One thief, one victim

If someone obtains another person's health insurance number, driver's license, or other form of identification, they can use it to obtain medical services in someone's name.

Busy hospital emergency rooms can be an attractive target for scammers. According to Rade Vukmir, an ER physician in Pittsburgh and a spokesperson for the American College of Emergency Physicians, procedures typically require patients to show insurance and photo ID at check-in. But these institutions also don't want to divert people from getting medical care, and people who are uninsured or disadvantaged may not have such documents.

Theft of medical records can happen, for example, if someone loses their wallet with their insurance card. But these situations don't just happen among strangers. The victim often knows the thief and may even be involved in a so-called "friendly scam".

According to one study, nearly half of the people who did not report identity theft said it was because they knew the thief.

For example, one person might have a higher copay for going to the emergency room, Vukmir says, so they let a family member, like a cousin, use their insurance card to get care.

Gangs of thieves, millions of victims

In 2022, 707 medical data breaches affected nearly 52 million patients, according to an analysis of data from the Office of Civil Rights of the Department of Health and Human Services by HIPAA magazine.

Under federal law, healthcare organizations must notify people when their medical information has been compromised in a hack.

The largest medical data breach to date occurred in 2015, when nearly 80 million Anthem records were exposed. In recent years, there has been a clear upward trend in breaches, which are usually caused by hacks or IT incidents.

The American Hospital Association is “very concerned” by overseas-based hacker groups from countries such as Russia, China, North Korea and Iran, says John Riggi, National Cybersecurity and Risk Advisor for the American Hospital Association.

Riggi says personal information in people's medical records can be sold in bulk to criminals who create fake suppliers to make fraudulent claims on a massive scale. This can result in losing hundreds of millions of dollars in Medicaid, Medicare, or other insurance fraud. Or they may use this information to create fake identities to apply for loans, mortgages, or credit cards.

According to Riggi, financial institutions use sophisticated algorithms to detect purchases and other unusual patterns. In healthcare, such mechanisms can be used to track claims where a provider is more than 1600 km away from a patient's place of residence, or, for example, a physician sees a patient for a condition that is inappropriate for their age or health.

What consumers can do

As a general rule, consumers should monitor the notices and bills they receive from insurance companies and service providers and contact them immediately if they are in doubt.

In Miller's case, it's not clear if her problem was caused by administrative confusion, such as another patient with the same name, or medical data theft. But within a month of her first call, the hospital dropped the charges and assured her that her medical record was separate from that of the other patient.

You may be interested in: top New York news, stories of our immigrants, and helpful tips about life in the Big Apple - read all this on ForumDaily New York.

Other steps to take:

• Write to the FTC Identity Theft website for next steps.
• If someone has used your name, contact any health care providers who may have been involved and ask for a copy of your medical records and then report any errors to your health care providers.
• Notify your health plan's fraud department and send a copy of the FTC identity theft report.
• Submit free fraud alerts to three major credit agencies and receive free credit reports from them.
• Consider filing a police report. If your health plan offers free credit or identity theft tracking after a breach, take advantage of it.

"It's best to act as if your data has been compromised and will be up for sale," says Velazquez, whose organization offers free identity theft recovery assistance. “Don’t be afraid to ask for help.”

Read also on ForumDaily:

Like in a jacuzzi: the water in the ocean near Florida has become a record warm

In Yellowstone, a grizzly bear attacked a woman: she died

Stretching, balance or strength: which workouts to choose to live longer

Do you want more important and interesting news about life in the USA and immigration to America? — support us donate! Also subscribe to our page Facebook. Select the “Priority in display” option and read us first. Also, don't forget to subscribe to our РєР ° РЅР ° Р »РІ Telegram  and Instagram- there is a lot of interesting things there. And join thousands of readers ForumDaily New York — there you will find a lot of interesting and positive information about life in the metropolis.