In 2012, there were 1.85 million medical identity theft victims in the U.S., up 25% from the year before

08 August 2013

NEW YORK (MainStreet)—It’s as creepy as fraud gets. While you are sipping a latte in Williamsburg, across the river on Park Avenue your health insurance card is picking up the tab for five figures worth of elective surgery and maybe another $1,000 in prescriptions and health aids like crutches. The patient is you, with just one problem: you know nothing about any of it.

Until maybe six or twelve months later when downright nasty medical bill collectors are calling you, writing you, emailing you, demanding payment (probably because the check presented to cover the co-pay bounced) — and all for work you never had done.

That’s the reality of medical identity theft, a fraud that suddenly is exploding. “Last year there were 1.85 million victims in the U.S., up 25% from the year before,” said Eva Velasquez, CEO of the Identity Theft Resource Center in San Diego.

She pegged the annual losses due to medical ID theft at $40 billion and, while doctors and hospitals and insurers pick up most of that tab, of course those costs get passed onto patients in higher fees.

The scam works like this, according to Don Jackson, a researcher with Dell SecureWorks who has been tracking what he called “a surge” in medical identity theft. A criminal puts together what is called a “kitz”- which includes a valid health insurance card, a supporting photo I.D. (usually a driver’s license in the health cardholder’s name but with the fraudster’s picture), possibly even a credit card in the same name. That kitz, said Jackson, lately has been selling in online criminal bazaars for $1,200 and up – with most sellers taking Bitcoin, by the way, for buyers who want real anonymity.

The price is high, but do the math. Get $10,000 in work done and the buyer has reaped an $8,800 profit on a $1,200 investment, and that is a return even captains of private equity would salute.

Even better, the likelihood of being arrested and successfully prosecuted is “very small,” acknowledged Velasquez.

The few criminals who do get caught typically have used their victim’s information to branch out–attempting, say, to open new credit cards in the victim’s name. When they add classic identity theft on top of medical identity theft their risk ante is upped and some do get caught. But as for the simple medical fraudsters, they won’t get caught. Ever.

According to Jackson, there is a vast supply of health I.D. credentials on the market, much of it a result of data breaches in doctors’ offices and small hospitals.

Few medical offices have any skill at checking identities of new patients, said multiple sources, and just about zero have the skills to determine that a presented driver’s license is a fake, especially when the license is on a different state.

Buyers of the fake kitz typically “need quick medical work,” said Jackson, who added that many also appear to be foreign nationals.

He also said it often takes the medical industry six to 12 months to realize folks had been had – it’s an industry that processes information at a deliberate pace – and there also may be many cases where nobody ever tumbles to the fact that a fakir used a different person’s health card.

For the victim – the person whose health identity is stolen – there can be consequences beyond financial. Velazquez noted that a common problem is that the medical records get blended, which means everything from blood types to drug allergies can be mashed up in ways that can pose lethal dangers to some victims.

“The scariest part is that somebody else’s medical information is on your records,” said Joyce Morningstar, a wealth manager in Scottsdale, AZ who has helped clients deal with the fallout of medical identity theft.

Exactly what can you do to better protect yourself against medical I.D. theft? Retired FBI agent Jeff Lanza, an expert on medical identity theft, urged a multi-pronged self defense strategy that includes “scrutinizing statements” (don’t just file letters from the insurer, unopened and unread), check your credit report at least annually (unpaid bills will show up on credit reports) and, lastly, ask your health insurer for an annual statement of all items billed under your account.

See items you don’t recognize in that statement? Call, complain, be loud and be persistent.

One fact: experts expect continued, brisk growth in medical identity theft. Which means continued vigilance is the only cure.

Article Soured From: