When Joanna Saenz opened her mail several years ago, she got quite a surprise. She had delivered a baby girl, born in Nebraska, and she’d just received the hospital bill.

But here’s the glitch – Saenz doesn’t have a daughter, and she’s never been to Nebraska.

The child’s mother had stolen Saenz’s identity, using a birth certificate and Social Security card stolen 10 years ago from Saenz, when she was 17 and in Mexico visiting relatives.

Saenz says her situation consumed 10 years of her life. She is now the founder of Identity Recovery of Colorado, a nonprofit organization dedicated to helping victims of identity theft. Saenz says in her case, the thief had obtained an education, houses and cars in her name.

In the realm of identity theft, medical identity theft is a small slice, compared with incidents of theft stemming from stolen credit card information. But because medical records are so complete, they can pose an even greater risk. These records often include payment data, leading to financial and credit fraud. Payment information is worth a lot when sold on the black market.

But even more frightening is the possibility that a life-threatening error can be made as the medical histories of thief and victim become intertwined over time. A person with an allergy can be given the wrong medication or the wrong blood type.

To protect yourself, ask for your medical records, and review them for any inaccurate or false information. Work with providers and your insurance company to correct them. This will take time…but it could save not just your good name, but your life as well.

Click Here To Bookmark It

Hide Sites

A Texas woman has been sentenced to 15 years in federal prison for orchestrating a scheme to steal the personal information of patients while she was employed by a medical billing contractor.

Katrina Candrick, 34, of LaGrange, Texas, was sentenced in early October on charges of conspiracy to commit identity theft and for unlawful possession of fraudulent identification documents. She has also been ordered to pay more than $163,000 in restitution.

Candrick was employed as a patient account representative at MedAssets, a Richardson, Texas-based health care billing company, from July 6 to Nov. 13, 2009. While employed by the company, Candrick illegally obtained the personal information of more than 1,200 individuals from billing accounts she handled. Many of the victims were patients at the University of Texas Medical Branch at Galveston.

When Candrick was arrested Dec. 14, 2009, she was using the name of a person whose identity she had stolen, and was using stole information to pay for living expenses, vehicles and other items.

This case highlights the rise of insider threats to personal information. These types of crime are committed by employees who have access to sensitive data and more often than not, the employer does little or nothing to perform any monitoring.

Medical identity theft has been on the upswing in recent months, partially due to the wealth of information available in medical records. Thieves can use this information to obtain medical treatment or prescription drugs that they otherwise would not have had access to. Medical records contain not only names and addresses, but also employer and financial account information. Information is also shared between doctors’ offices, insurance companies and other health care facilities.

According to a Ponemon Institute study, nearly 1.5 million Americans have suffered from medical identity theft. It is estimated that the cost of medical identity theft totals $29 billion, approximately $20,000 per victim.

Click Here To Bookmark It

Hide Sites

You’ve just been in an accident and you’ve been rushed to the emergency room. You’re unconscious.

As the attending physician examines you, she reviews what she thinks is your medical record, which shows you’re not allergic to any medications. She prescribes and administers medication to help you with your pain. The problem is that you’re severely allergic to it.

The bigger issue is that the medical records the doctor reviewed aren’t yours.

This scenario is repeating itself again and again. Not only is medical identity theft a criminal offense, but it puts the lives of thousands of people in jeopardy every day.

About 250,000 people are victimized by medical identity theft each year in the U.S. Add that to the potential instances that occur during reported and unreported data breaches, and the number climbs into the millions.

In addition to the possibility of receiving treatment with life-threatening consequences, medical identity theft is one of the most dangerous forms of identity theft.

And in addition to being a danger to your health, medical identity theft can have other consequences, including false medical and pharmacy bills, false health insurance claims, denial of claims, coverage denial, and the expense and time spent of correcting falsified records.

Each of us must take steps to protect our medical information. Just as you faithfully check your credit report, you should also check your medical records, paying particular attention to invoices and insurance claims.

Remember: a little monitoring now can save a lot of work later – and perhaps even your life.

Click Here To Bookmark It

Hide Sites

Could identity thieves be using your personal and health insurance information to obtain medical treatment, prescription drugs or even surgery? Could dishonest people working in a medical setting be using your information to submit false bills to insurance companies?

The answer is a resounding yes. Medical identity theft is a newer twist on identity theft, but it can, just like regular identity theft, affect your finances, your credit and take a toll on your health.

But how would you know if your personal, health or health insurance information has been compromised?

According to the Federal Trade Commission, victims of this type of theft typically receive a bill for medical services they didn’t receive, are contacted by a debt collector regarding medical debt they don’t owe, find unauthorized medical collection notices on their credit reports, are told by their insurance carriers that they’ve reached their limit on benefits when filing a legitimate claim, or are denied insurance because their medical records show a condition they don’t have.

The most worrisome part about this type of theft is that a thief will use your information to get care, and this creates a record which could be mistaken for yours. This could include a different blood type or inaccurate medication information, which could put your life in jeopardy.

While there’s no fool-proof way to prevent medical identity theft, there are some steps you can take to minimize your risk.

• Verify a source before sharing information. Don’t give out personal or medical information on the phone or through the mail unless you’ve initiated the contact and you are sure who you’re dealing with. Be cautious about “free” health services or products from providers who require you to give them your health plan information.
• Safeguard your medical and health insurance information. If you keep copies of these records, make sure they’re secure. Be on guard when you use the Internet, especially to access accounts or records related to your medical care or insurance. If you are asked to supply your Social Security number, ask why it’s needed and how it will be kept safe, and whether it will be shared. If online, look for Web site privacy policies and read them thoroughly. Look for a lock icon on the browser’s status bar or a URL that begins with “https.” Remember that e-mail is not secure.
• Treat your trash carefully. To thwart medical identity theft, shred your insurance forms, and prescription and physician statements. Destroy the labels on your prescription bottles and packages before you throw them out as well.

If you think you’ve become a victim of medical identity theft, order a copy of your credit reports and check them thoroughly. Check your health statements to be sure the statements match the care you received. You should also request a copy of your medical records. You have a right under HIPAA to obtain your records and correct errors in your medical and billing records.

By keeping a vigilant eye on your information and your records, you can reduce your risk of falling victim to medical identity theft. To protect all of your personal information, call LifeLock today. LifeLock will monitor to be sure your information isn’t used to ruin your good name, and if your information is compromised, LifeLock will help restore your credit.

Click Here To Bookmark It

Hide Sites

Health Net data breach prompts attorney general’s “historic lawsuit”

Connecticut Attorney General Richard Blumenthal said last November that he was “outraged and appalled” upon learning of Health Net’s massive data breach and their keeping it hush-hush for six months. He acted on those feelings this week by filing suit against the insurer and its new owners, United Health Group and Oxford Health Plans.

The data breach occurred May 2009 when a hard drive containing the information of 1.5 million customers went missing. Records were for the period 2002 through 2009. Roughly 446,000 of the members are from Connecticut.

Blumenthal’s lawsuit asserts Health Net gave its employees inadequate supervision and training on appropriate maintenance, use and disclosure of protected health information.

The company explained the six-month lag time between their awareness of the breach and their notifying state officials by saying the time was necessary to complete a “detailed forensic review.” Kroll, a computer forensic consulting firm hired to complete the investigation determined the information wasn’t encrypted or protected in any way from access or viewing.

The unsecured data included a total of 27.7 million scanned pages of 20 types of documents such as insurance claims forms and medical records. Members’ Social Security numbers, names, birth dates, prescription information, credit card numbers and bank account numbers were exposed.

Blumenthal also alleges Health Net violated the Health Insurance Portability and Accountability Act (HIPAA) by not encrypting medical information stored on a portable electronic device.

“Sadly, this lawsuit is historic—involving an unparalleled health care privacy breach and an unprecedented state enforcement of HIPAA,” Blumenthal said in a statement.

Regarding the lawsuit, a Health Net spokesman said only that they’ve received a copy of the lawsuit and are reviewing it, and that they “will continue to work cooperatively with the Connecticut Attorney General on this matter.”

The company issued a statement in November when they notified the public of the data breach. In it they said, “Protecting the privacy of our members is extremely important to us. We apologize for any inconvenience or concern this may cause our members.”

Click Here To Bookmark It

Hide Sites

Imagine you receive a collections notice from a hospital 1,000 miles away … in a city you’ve never visited … for a surgery you’ve never had … for a health problem you don’t have … and the notice says you owe more money than your house is worth.

You have to take immediate action, but be warned: Whoever had the surgery might be recovering better than you will.

Start with the financial impact.

Step 1. Place a fraud alert on your credit reports, and review your credit reports.
Step 2. Close your credit card accounts and open new ones with new PINs and passwords. Talk to the fraud department with each company.
Step 3. File a complaint with the Federal Trade Commission and print copies of your FTC ID Theft Complaint Form.
Step 4. File a report with your local law enforcement. Ask them to incorporate the FTC Complaint Form.

Correcting errors in your medical records will be harder, and might be impossible. Worse still, misinformation in your file might be life threatening. The same HIPAA (Health Insurance Portability and Accountability Act) Act intended to protect your medical privacy might work against you because once you indicate that someone else’s medical information is in your file, his or her privacy must also be protected.

Also, any medical providers who didn’t put the erroneous information in your records are not obligated to correct it, nor are insurance companies.

The information in your record might have been sent to a laboratory, a surgeon, a medical specialist, a medical imaging center, an insurance company, a hospital, an anesthesiologist, a home health provider, a physical therapist and a pharmacy.

Patients with primary care doctors with whom they have a good relationship might find them to be their best ally because all medical information should be copied to their offices.

You’re definitely going to need an ally.

Visit LifeLock.com to learn more about the comprehensive services they’re providing to nearly 1.5 million members. Enroll using the LifeLock promotion code DEFENSE and pay only $9 a month.

Click Here To Bookmark It

Hide Sites

Imagine your doctor becomes ill and is no longer able to practice medicine. Imagine he succumbs to dementia or has a stroke. Do you know what happens to your medical records?

If you live in Massachusetts, no one knows the answer because there are no laws governing the disposition of medical records when a medical practice goes under—for whatever reason.

Case in point: Dr. Ronald T. Moody failed to renew his medical license and abruptly stopped paying rent on his office space. He lost his license in December 2007 but continued treating patients without it until February 2008 when his landlord evicted him.

Right now, hundreds of Moody’s patients’ medical records are sitting in a storage facility, but the owner, Jim Appleyard, says he’ll have to destroy them because he needs the space. He contacted the Massachusetts Board of Registration in Medicine.

A board investigator visited the facility, but offered no help or advice because of a gap in state law. “She said, ‘I have no ability to move it, no budget to move it, and no place to store it,’ “ Appleyard said.

It’s another example of patients’ vulnerability to medical, criminal or financial identity theft. Mr. Appleyard seems like an honest person, but the same situation exists nationwide with no remedy.

LifeLock provides comprehensive and innovative identity theft protection to nearly 1.5 million Americans. Visit their website at LifeLock.com. Enroll using the LifeLock promo code DEFENSE and pay only $9 a month after your 30 days of free protection.

Click Here To Bookmark It

Hide Sites