February 8, 2008 By Jim McKay, Justice and Public Safety Editor
Because of identity theft's prevalence, most of us have taken steps to protect ourselves - thanks to fears instilled from the horror stories of those who've been victimized.
But what about when someone hacks into a health facility, steals medical records and uses medical identification (ID) numbers to get health benefits?
Apparently few of us are concerned something like this will happen. We ignore the explanation of benefits from our health insurers, according to the World Privacy Forum, whose recent study, Medical Identity Theft: The Information Crime that Can Kill You, states that we should be looking closely.
Approximately 250,000 patients each year - or more, as some estimates reach higher - have their medical IDs stolen. The crooks use stolen identities to gain medical services or fraudulently bill private health insurers and government health-care programs.
If that isn't scary enough for you, consider this: The Blue Cross and Blue Shield Association estimates that medical ID theft represents 1 percent of health-care fraud, totaling about $600 million in losses per year.
In the last decade, the number of identity theft cases have skyrocketed, and medical ID theft appears to be a segment of it that's growing too.
But the proper authorities haven't addressed it yet.
It's a shame more than 40 million Americans are without health insurance. And even more shameful is that some of the uninsured have resorted to stealing someone else's medical information to get the services they need.
But it's not just the uninsured or the two-bit drug dealer doing the stealing. There are documented cases of organized groups targeting physician identification numbers and manipulating million-dollar ripoffs of the health-care system.
The Health Insurance Portability and Accountability Act is supposed to provide a shield of sorts for our private medical data. Ironically it doesn't. In fact, it can work against a victim trying to correct a medical record that has been changed by an imposter.
The U.S. Department of Health and Human Services (HHS) is developing four prototypes for a National Health Information Network to make health records available electronically in real time to caregivers.
The Government Accountability Office has noted "significant weaknesses" in the information security controls used for Medicare and Medicaid claims processing. The World Privacy Forum says a National Health Information Network must include significant safeguards.
With few mechanisms available to protect the medical records of patients, the HHS needs to consider the ramifications of a national system that makes medical identity theft even easier than it is now.
This Digital Communities white paper highlights discussions with IT officials in four counties that have adopted shared services models. Our aim was to learn about the obstacles these governments have faced when it comes to shared services and what it takes to overcome those roadblocks. We also spoke with several members of the IT industry who have thought long and hard about these issues. The paper offers some best practices for shared government-to-government services, but also points out challenges that government and industry still must overcome before this model gains widespread adoption.