While victims of traditional identity theft often catch it quickly, victims of medical identity theft may not know they are victims until they need critical medical treatment. In this episode, Scott Ward, CFE, senior vice president at Qlarant, discusses the insidious nature of medical identity theft, the impact it has on its victims and what people and governments can do to help combat it.
In the excerpt below from episode 119, Ward talks with Sarah Thompson, ACFE Communications Manager, about how medical identity theft is committed by fraudsters and misconceptions.
Ward: Well, with traditional regular identity theft, you most likely are going to realize it relatively quickly that it happens such as credit card, fraud, or theft. You might get an alert from your company that you have your credit card with, or you get an alert from your bank because there's a lot of checks and balances in place. In most cases when it comes to medical identity theft, you really don't know you may have been a victim until maybe you go for medical treatments or you have some life-threatening emergency procedure. It's something that can happen and can sit and grow for years without you ever knowing.
Thompson: That sounds just like the worst-case scenario if you're going in for something that you're already possibly stressed out because you have to make a serious medical decision and only to find out then when you're at your lowest [chuckles] that someone has stolen that. That's horrible. What is it about healthcare data specifically that makes it an attractive target for fraudsters trying to steal identities? Are there fraudsters that only target medical identity theft, or do they also do a regular identity theft or a mix of the two, but what is it about medical data?
Ward: Well, I think that what is a common misconception is that the public may or may not realize the value of what their data is related to medical care, the value of it. From a Medicare/Medicaid standpoint, a person's personal health information or your identifiers are valued anywhere from a million to $1.5 million in potential medical charges that could be billed to those contracts. Then private insurance, it could be even more than that depending upon what type of services that you may see that have been fraudulently billed.
From a standpoint of the types of frauds out there, fraudsters believe that it's a victimless crime because they're not impacting anyone, but that's really not the case. There are some other reasons why this is something that's really attractive or targeted is because with the compromised credentials, identity thieves can use that victims' data to even acquire medical treatments, receive elective surgeries, get prescriptions filled as well. They can also use that information to sell to other individuals that may not have healthcare benefits or things of that nature that another individual could actually get the benefits instead of who actually those benefits are intended for.