In this digital information age, it’s imperative to closely guard personal information. If you pay attention to the news, you’re familiar with the concept of identity theft, the potential loss of financial information. However, there’s a new emerging type of identity theft — medical identity theft — and it can literally kill you.   

Medical identity theft occurs when someone uses a person’s name and sometimes other parts of their identity — such as insurance information — without the individual’s knowledge or consent to obtain medical services or goods, or uses the person’s identity to make false claims for medical services or goods.

Medical identity thieves can use personal information to get health insurance in the victim’s name, obtain prescriptions, or even check into the hospital to give birth or have surgery.  

You might wonder who in the world would want to scam their way into a medical procedure. The answer is…a lot of people. According to a report from the Ponemon Institute, which conducts research on privacy, data protection and information security policy, 1.85 million people were victims of medical identity theft in 2013. That’s a 19% jump from the year before. The rising tide is leading employers to offer medical identity theft insurance as a voluntary benefit.

While the issue might not be top of mind for employees, the impact of medical identity theft can be devastating. For starters, it often leads to incorrect health record information, which can result in medical professionals innocently taking incorrect measures. For instance, what if a thief has a different blood type than the victim, and this information is altered in the medical record? According to the Ponemon Institute, 15% of medical identity theft victims reported that ID thieves created misinformation in their medical records, which led to a misdiagnosis; 14% reported they had experienced a delay in care, and victims of medical identity theft spend about $18,000 in legal fees, payments to healthcare providers, and other related expenses.

One potential exacerbating factor related to the increase in medical identity theft is that the health care industry continues to lag behind financial institutions in creating consumer protections. This means medical data is particularly vulnerable. With the implementation of the Affordable Care Act, medical data is more digitized than ever before.

Identity theft insurance typically provides services to help head off medical identity theft before it occurs and covers any costs that result if a theft actually happens. For instance, identity theft insurance carriers will monitor a person’s major-medical insurance ID number on the Internet and notify the individual if the number appears to have been compromised or sold. This can be a valuable service because medical identity theft can be difficult to monitor due to privacy laws, such as HIPAA. Some carriers will also make their fraud restoration advocates available to members who have had their medical identity compromised.

Importantly, insurance consumers should be aware that some medical carriers won’t pay for benefits unless the policyholder has suffered a financial loss or their social security number has been compromised. There is no true standard medical identity theft policy, so the policyholder must beware.

What to look for in a policy

If you want to offer medical identity theft insurance as a voluntary benefit, begin by examining any existing identity theft insurance benefit you already provide to employees. Often these policies will include coverage for medical identity theft; however, they may only pay on a claim if there is a financial loss.

If the current identity theft policy doesn’t cover medical identity theft, the next logical step is to contact your broker or carrier to find out whether this protection can be added and, if so, what the exact benefits are.

Typically, medical identity theft isn’t discovered until a bill for services goes into collection, or a requested medical service is denied, or incorrect care is given. While there’s no easy way for employees to know if their medical identity has been stolen, monitoring their monthly Explanation of Benefits reports is a good way to spot trouble early. Remind employees to review these statements carefully and to report any suspicious claims. Why this is important: Even if the thief established a new address with a doctor, the insurance company will still have the employee’s address and mail the EOB to the actual policyholder.

If an employee has been victimized, the theft should be reported to the identify theft carrier and health insurance carrier as soon as possible. Some identity theft carriers will help an employee submit paperwork to reconcile the situation. If there is any personal financial loss associated with the theft, their insurance policy should kick in.

Remember, while some identity theft policies are purely focused on financial losses, medical identity theft can cause more than just financial losses. Providing medical identity theft insurance as a voluntary benefit helps protect the employee’s wallet and can even help avert a major medical crisis.

Ciro Giué is a  benefit consultant with Corporate Synergies, an employee benefits consulting firm and P&C insurance broker.

Register or login for access to this item and much more

All Employee Benefit News content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access