1 / 19

Identity Theft in Health Care Facilities

jamal
Download Presentation

Identity Theft in Health Care Facilities

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    1. Identity Theft in Health Care Facilities Faith Mondry, J.D. United States Postal Inspector

    2. TYPES OF ID THEFT Theft of patient identifiers by employee Theft of patient identifiers by non-employee Theft of employee information Theft of “paper” records, HR and/or medical Theft of digitized records, HR and/or medical

    3. Ripped from the headlines: “Identity Theft Reported by 33% of Healthcare Organizations” InformationWeek, November 9, 2010 article ID 228200516

    4. Theft of patient identifiers by an employee or contractor “Operation Quick Change” U.S. Postal Inspection Service Case, reported 3/25/2010, Chicago Tribune, janitorial employee alleged to have stolen patient identifiers out of files at night while she was cleaning medical offices

    5. Ripped from the headlines: “Former Holy Cross Hospital employee pleads guilty to ID theft” -Sun Sentinel, 1/26/2011 Fort Lauderdale, FL ER clerk alleged to have sold patient identifiers for cash

    6. Can this type of theft be prevented? Best practices for pre-employment screening…do the most thorough background check available to your facility! Ask contractors to do the same Ensure that all personal identifiers are handled on a “need to see” basis Ensure that all personal identifiers are properly secured

    7. Theft or misuse of identifiers by non-employee How many stolen laptops do we need to read about before we get the point???

    8. Ripped from the headlines: “Stolen laptop contained Sebastopol substance abuse patient information” -www.pressdemocrat.com/article 20110114, January 14, 2011 -physician’s laptop was stolen at a New York hotel

    9. Can this type of theft be prevented? Restrict patient information and access devices leaving the facility Ensure that any information leaving the facility is encrypted and password protected Ensure that a policy is in place- and that employees are trained to follow it- when sensitive information goes on the road

    10. Classic “medical identity theft” Patients use another identity to obtain medical services Fraudulent medical records lead to fraudulent billing to insurance companies consequences when drug allergies or interactions are under the radar with false patient identities

    11. Ripped from the headlines: “ID theft at the doctor’s office” -New Beauty Magazine, March 26, 2009 The “Big-Bust Bandit” in Orange County, CA used another woman’s identity to undergo liposuction and breast augmentation at the Pacific Center for Plastic Surgery

    12. Where do you keep personal identifier information? Digitized files on desktops and laptops Who has access? Where are the computers located? Is the area secure from non-critical viewing and usage? What about after hours?

    13. Where do you keep personal identifier information? Paper files should be secured…even during the day when offices are occupied File cabinets where information is stored should be outside of public/non-critical viewing areas and should have restricted access when practical

    14. How well does your physical layout protect you from identity thieves?

    15. Where do you place your incoming and outgoing mail? Postal Inspector…I have to ask.

    16. What do you do when a breach occurrs? If an employee is the identity thief…REPORT IT TO LAW ENFORCEMENT and follow institution’s protocol for victim notification If a non-employee is the identity thief…REPORT IT TO LAW ENFORCEMENT and follow institution’s protocol for victim notification

    17. Privacy Issues Legal issues regarding disclosure to law enforcement Risk of fraud/ID theft and continued victimization vs. legal requirements to protect patient privacy Crime on premises

    18. Whom do you report it to? State and local law enforcement Federal law enforcement Depends upon the nature/scope of the crime

    19. QUESTIONS???

More Related