Locking down EHRs from medical ID theft
It's 'the privacy crime that can kill,' says California attorney generalSACRAMENTO | November 21, 2013
The Office of the Attorney General in California, in collaboration with the American Health Information Management Association, has issued best practice recommendations for providers -- and tips for patients -- to better safeguard health data from theft.
The guidelines, contained in the report, "Medical Identity Theft: Recommendation for the Age of Electronic Medical Records," include implementing a medical identity theft response program with clearly-stated policies and procedures for investigating a flagged record.
Also it's suggested that patients who think they might be victims of ID theft should get a free copy their medical records to review for signs of fraud.
"Medical identity theft has been called the privacy crime that can kill," said California Attorney General Kamala D. Harris, in a press statement. "As the Affordable Care Act encourages the move to electronic medical records, the healthcare industry has an opportunity to improve public health and combat medical identity theft with forward-looking policies and the strategic use of technology."
As for consumers, a toolkit titled, "First Aid for Medical Identity Theft" offers advice for spotting signs of ID theft, and gives tips on how to respond.
According to the attorney general's report, these signs might include notice of a data breach from a healthcare provider, an unknown item on an explanation of benefits statement from an insurer, a call from a debt collector about an unfamiliar medical bill or unusual questions about identity or health conditions at a doctor's office or hospital.
"Health information management professionals play a key role in safeguarding health information, and helping address issues when questions of identity theft occur," said AHIMA CEO Lynne Thomas Gordon in a statement. "AHIMA is proud to have contributed to this important guide to engage the entire industry and to help consumers learn what they should watch for and how to deal with concerns about the protection and accuracy of their health information."
Read the report, "Medical Identity Theft: Recommendation for the Age of Electronic Medical Records," here (PDF).
See the tip sheet, "First Aid for Medical Identity Theft," here (PDF).
[See also: ID firm, ONC work on trusted identity]