Medical identity theft: The identity theft no one is talking about

When the oral surgeon recommended that our daughter have her wisdom teeth removed, we thought we knew what to expect both medically and financially. Morgan’s two sisters underwent this procedure in the past, and we adopted a brave “Let’s get this over with!” attitude as we scheduled her operation.

We expected the least painful part of the procedure to be the surgery bill because the girls are covered under both their parent’s dental insurance. It was an unpleasant surprise to learn from the oral surgeon’s billing manager, “After checking with your insurance, we estimate that your daughter’s surgery will cost you about $1,200 out-of-pocket since she has exhausted nearly all of her benefits this year.”

Something was wrong!

It was late in the day when we discovered that our insurers were planning to deny benefits, and we wracked our brains that evening trying to imagine why, with double insurance, Morgan lacked coverage. Had we forgotten about treatments she received? Were we mistaken about dates when she received services? Could the insurance company records be incorrect? Or, might this be something more sinister, such as medical identity theft?

Medical identity theft

The Federal Trade Commission (FTC) explains that “A thief may use your name or health insurance numbers to see a doctor, get prescription drugs, file claims with your insurance provider, or get other care. If the thief’s health information is mixed with yours, your treatment, insurance and payment records, and credit report may be affected.”

Medical identity theft’s most damaging outcome occurs when a victim receives an incorrect therapy or medication due to the co-mingling of the victim’s health history with that of the thief’s. The financial consequences can be painful as well, including:

  1. Higher insurance premiums due to your apparent high benefit usage.
  2. Calls from debt collectors demanding payment for services you never received.
  3. Damage to your credit report that results in your inability to secure a loan or causes an employer to think twice about hiring you.
  4. Benefits denied until you pay your deductible.

Relief — a simple error brought to light

In our case, multiple phone calls to our daughter’s dentist and both insurance companies finally shed light on why benefits appeared to be exhausted: Morgan’s twin sister, Margaux, had received several dental treatments during the past year. When the oral surgeon’s office called to verify coverage, two girls with the same date of birth and same first initial and last name were confused by the insurance representative who erroneously reported that Morgan’s benefits were tapped out when she actually had more than enough available to cover the surgery.

The misunderstanding was corrected after less than an hour’s work on the phone, but had this been a case of medical identity theft, we might have had to pay $1,200 for her procedure and may have struggled for months to clear up false patient records.

Having experienced the worry associated with a potential medical identity theft, and the relief when we discovered our daughter’s health records were safe for now, we became vigilant about doing what we could to prevent and detect this type of crime.

It’s bad enough when some scammer gets your credit card, but what happens when they steal your access to health care? Even worse, what if that person is a member of your family or a member of the health care field we are supposed to trust?

It’s not an isolated concern. Medical identity theft represented 42.5 percent of the breaches identified in 2014 according to the Identity Theft Resource Center. And the crime appears to be growing — another consumer advocacy group, the Ponemon Institute, said medical identity theft incidents increased 21.7 percent, costing victims more than $13,500 to resolve.

Here’s how you can stay safe

1. Always, always read your Explanation of Benefits

No one would say those statements from your health insurer are engaging reading, but EOBs are often the first indicator that your medical identity has been stolen. Review EOB statements or Medicare Summary Notices (MSN) as soon as they arrive. Be sure the provider listed is a name you recognize and confirm that the date of service is a day when you visited your provider’s office. Note that the service description matches the service you actually received.

2. Be extremely wary of phone offers

Scammers sometimes phone potential victims under the guise of conducting a health survey, or they might masquerade as representatives from Medicare or Social Security. These callers may ask for your health insurance information or might request a credit card to settle a bill.

Hang up. Do not accept a free health care product or service from someone who requests your insurance ID number without thoroughly checking the legitimacy of the provider. The Federal Trade Commission (FTC) advises consumers not to “share medical or insurance information by phone or email unless you initiated the contact and know who you’re dealing with.”

3. Even seemingly innocuous sharing can cost you

Sometimes people share their health insurance information with uncovered family members in order to obtain services without paying appropriate insurance premiums. An example might be a parent who purchases vision coverage from his employer’s benefits menu but does not buy vision insurance for his children. When his child needs glasses, he’s in the position of having to falsify patient information to obtain a discount.

4. Scammers might be closer than you think

The University of Miami Health System describes medical identity theft perpetrators as “doctors, nurses, lab technicians, receptionists or organized criminal gangs.” What’s chilling is that UMHS also reports cases “where family members and friends have assumed the identity of an individual to take advantage of the victim’s health insurance benefits.” They explain that these insider crimes happen because the thieves have easy access to the victim’s identity data and insurance cards.

In some respects, medical identity theft can be a crime of opportunity, so do what you can to prevent your medical identity information from being accessible even to family and friends. Store hard-copy insurance statements in a locked file and shred documents that are no longer needed. Use a password to protect files containing sensitive electronic information.

5. Take advantage of your annual records check

Your right to a free credit report once a year is now common knowledge, but did you know your health insurer has to do the same thing? Once a year, ask your insurer (or insurers) to provide a summary of all benefits paid on your behalf during the past 12 months. Be sure to also request an “accounting of disclosures” for your medical records — this is a list of who received copies of your records from each provider. If you suspect your medical identity has been stolen, request copies of your medical records from your doctors, hospital, pharmacy, and laboratory.

You could even face a bizarre situation where your health care provider refuses to supply your medical or billing records out of concern for violating an identity thief’s privacy.

The FTC provides assurance that you have the right to appeal that decision. Start with the individual listed in your provider’s Notice of Privacy Practices, an ombudsman or patient advocate. If your records aren’t delivered within 30 days of your written request, the FTC recommends that you file a complaint with the U.S. Department of Health and Human Services’ Office for Civil Rights.

6. Don’t be afraid to ask questions.

If anything on your EOB or MSN is unfamiliar to you, contact your insurer to explain. It could be something you didn’t immediately recognize or it could be identity theft. You have the right to know.

7. Report any suspected fraud.

Notify your insurer if you detect that your medical identity has been stolen and alert your health care providers. Use the accounting of disclosures report to contact every party who received your personal health information and inform them that your data was breached.

If you suspect Medicare fraud, report it to the Department of Health & Human Services Office of Inspector General. Place a fraud alert with Equifax, Experian and TransUnion; file a police report and file a medical identity theft complaint with the FTC.

Ask your health care providers to correct your medical records, but be advised that this can be difficult to accomplish. The Coalition Against Insurance Fraud states that “federal law permits patients to correct medical records created only by the medical provider or insurer that now maintains your information.” Hospitals or insurers who later obtain your information are not required by law to make any corrections. If your request for correction is denied, demand that your record includes a statement to the effect that you do not agree with the documentation that is in your record.

Vigilance — your ounce of prevention

Stopping medical ID theft isn’t only on you, the consumer. The Smart Card Alliance, a non-profit multi-industry association, asserts “the way to stop medical identity theft … is to improve patient identification and provide enhanced data protection.”

In the future, enhanced technologies may protect us. Technology consulting firm Booz Allen Hamilton predicts: “Technology solutions such as biometrics, smart cards, or electronic patient records may be able to assist providers in verifying patients’ identities based on past histories, demographics or facial photographs,” but until the future becomes the present, stay aware.

Have you had any experience with medical identity theft? How did you handle it? Tell us in the comments below.

More about...Health & Fitness, Insurance

Become A Money Boss And Join 15,000 Others

Subscribe to the GRS Insider (FREE) and we’ll give you a copy of the Money Boss Manifesto (also FREE)

Yes! Sign up and get your free gift
Become A Money Boss And Join 15,000 Others

There are 6 comments to "Medical identity theft: The identity theft no one is talking about".

  1. Leah says 11 August 2015 at 06:31

    Comments are closed on your other article, but I wanted to bring up one issue I think you missed. Encourage people at all your medical sites to follow HIPPA rules, which means they should NOT by supplying your information. For example, they should make you state your phone number; they should not state your full number and ask if it’s correct.

    My mom was my emergency contact from an ER visit in the town where I went to college. Some woman with the same name happened to use the hospital system as well. Some mix-up occurred, and the woman just agreed to all my mom’s info. Thus, my mom was being billed for her charges. It took me a few months of fighting, lots of letters from my mom, and me sitting in the main billing office until the head supervisor finally agreed to see me (after hours . . . glad I took my studying). And, even then, the only reason the hospital finally agreed to their mistake was because my mom threatened to sue for HIPPA violations, as they told her this lady’s SSN.

    All sorts of mix-ups can occur. Yours was pretty benign, thankfully.

    • Linda Vergon says 11 August 2015 at 09:45

      Thanks for your comment, Leah — and for pointing out that the comments were closed on the second article. The post is now able to accept comments.

      Kind regards,

      Linda Vergon
      Editor of

  2. Top Dog says 12 August 2015 at 09:52

    So what you’re saying is, PAY ATTENTION.

    Those stupid long-winded medical documents you get in the mail? Actually read them. Make sure all of your info makes sense. Make sure you actually visited the doctor when it states that you did.

    In summary, PAY ATTENTION.

  3. Jay says 13 August 2015 at 17:30

    This is absolutely, positively UNTRUE, INACCURATE. Health insurance premiums are not like auto insurance premiums.

    Health insurance carriers are NOT allowed to raise your monthly premiums for using services.

    I’m stunned that this passed the GRS review.

    “The financial consequences can be painful as well, including:

    Higher insurance premiums due to your apparent high benefit usage.”

    • Jacqueline says 14 August 2015 at 14:07

      Hi Jay,

      While you are right that premiums are unlikely to increase in the short-term, they may increase in a subsequent enrollment period.

      According to the Coalition Against Insurance Fraud (CAIF), one of the potential outcomes of medical identity theft is:
      “Higher health premiums. False claims against a health insurance policy can raise your health premiums – costing you yet more money.”

      Personal experience supports the CAIF claim. One family member owns a small business and health premiums for his employees tend to increase significantly each year. His insurance agent explains that the reason for this is in part because of his employees’ high medical expenses.

      Certainly it is possible that an employer may absorb some or all of a rate hike, but it is also possible that higher premiums may be passed down to employees.

      Hope this helps to clarify the point about the possibility of higher premiums.

  4. Chella says 18 August 2015 at 19:33

    This is by far very important advice that I think each and every person should heed to. Medical identity theft has been on the rise in the recent times and people are covering medical expenses for people who are not the beneficiaries. I would love to echo the point on checking through your medical records. this will help you track how your medical insurance is being handled and will go a long way in averting any case of fraud. thank you for this insight.

Leave a reply

Your email address will not be published. Required fields are marked*