Medical identity theft a growing risk

Once a crook has an insurance card, or a Medicare or Medicaid number, investigators say, it is fairly simple to bill for fictitious services.

An estimated 313,000 Americans will have their medical identities stolen this year, according to a recent study by the Michigan-based Ponemon Institute, bringing the total number in the past few years to 1.84 million.

U.S. hospitals and medical centers have been hit by 56 hacking attacks in the past four years. A hacker traced to Romania lifted identities and other information from 780,000 patients in Utah’s Medicaid files in 2012.

“Medical identity theft has the potential to impede your medical treatment and the potential to kill you,” said Robin Slade of the Medical Identity Fraud Alliance.

“A thief using your identity may have a different blood type or not have the same allergies. It’s a fraud that causes your medical record to get contaminated by a perpetrator.”

Often the thefts start small. CEO Larry Ponemon of the Ponemon Institute said about a third of the people whose identities are stolen have admitted that they shared the information with a family member or a friend who lacked health insurance.

The resulting treatment goes into the record of the ID owner, however, where it can complicate medical care and create expensive liabilities.

“Customer liability is limited in credit card fraud, but nothing like that exists in the health care space,” Ponemon said.

People working in doctors’ offices or hospitals have downloaded patient identities onto thumb drives to enrich themselves by selling the information on black markets — on the street or in Internet chat rooms.

To make sure they haven’t been victimized, consumers should check their medical records and watch their insurance statements for strange activity.

“Tens of thousands of fake medical claims can get paid before anybody gets wise,” said Jim Quiggle of the Coalition Against Insurance Fraud.