To to take an instant free
tour of North America’s
fastest growing home business opportunity.
Click
here
Victims face bogus bills and risk injury or death.
Privacy laws make such fraud hard to pursue.
September 25, 2006
After shoulder surgery last year, Lind Weaver was
stunned when hospital bill collectors demanded
that she pay for the amputation of her right foot.
"Either you didn't do the surgery, or you did a
really [shoddy] job of it," Weaver told them,
sending along notarized photos of her toes, all
still attached. "Either way, I'm not paying." But
the 56-year-old retired schoolteacher quickly
discovered she was dealing with something more
nefarious than a simple clerical error: An
identity thief had obtained medical care under
Weaver's name and had the bill sent to her
insurer. A year later, Weaver is still trying to
catch errors in her medical records and clear the
hospital bills fraudulently run up in her name.
"It became a 40-hour-a-week job," Weaver said. "I
put my phone to my ear and sat there listening to
elevator music."
Although the most typical of the millions of
identity theft cases in the U.S. each year involve
credit cards, a 2003 federal report estimated that
at least 200,000 instances involved medical
identity fraud. Experts believe that the rising
cost of healthcare is driving more identity theft,
and that many people are unaware they have become
victims unless they receive a hospital bill or
query from their insurer. "There's no reason to
assume the patients ever find out," said Harvard
University management professor Malcolm Sparrow,
an expert on regulatory agencies who has written
books on healthcare fraud. "The bulk presumably
remain invisible." With their medical records
compromised, victims of this kind of fraud face a
greater risk of injury or even death if doctors
make treatment decisions based on bad information.
Files might list incorrect prescriptions or the
wrong blood type. Or, as in Weaver's case, an
erroneous diagnosis of diabetes.
Bad information can also put careers and insurance
at risk. Many employers, including more than a
third of the Fortune 500 companies, demand access
to medical records when making hiring, promotion
or benefits decisions, according to the nonprofit
Patient Privacy Rights Foundation. Health and life
insurance companies routinely scan medical files
or payout reports before issuing new policies.
Victims, though, often find that clearing their
medical records of bad information is much more
difficult than fixing credit reports, which are
centralized in three major credit bureaus.
Consumers have the right to obtain one free credit
report annually, and to demand an investigation of
information they believe is fraudulent or
incorrect. Unverified reports must be removed
promptly. Medical records, in contrast, can be
scattered across dozens of doctors' offices,
hospitals and clinics. And federal privacy rules
intended to protect private information can make
it difficult for patients to even obtain their own
records when identity theft is suspected. "These
privacy rules might put you in a situation where
you can't even investigate," said Wilma Kidd,
chief privacy officer at WellPoint Inc., the
largest U.S. health insurer for employees and
other groups. A big reason most people never find
out about erroneous records is the Health
Insurance Portability and Accountability Act of
1996. The law can make it difficult for patients
to see their own medical records, since the
penalties for improper disclosure prompt some
hospitals to set up roadblocks including demands
for multiple forms of identification. The bitter
twist on medical identity theft is that
once a person tells a keeper of records that
someone else's data might be intermingled, the
file becomes even harder to obtain. Why? Because
it includes another person's medical history,
which many hospitals argue can't be turned over
without consent. Even when patients do see their
records, they have no automatic right to fix
errors they find.
As she battled collection agencies last year,
Weaver fought to see her medical files. She
suspected that someone had used her identity to
obtain a foot amputation, but hospital officials
wouldn't help. Weaver marched into the hospital
waiting room in Bunnell, Fla., and started
shouting that the doctors didn't know who their
patients were. That got her service in a hurry.
After she was shown to a consulting room and given
the file, she soon thought she had weeded out her
impostor's medical history. In May, Weaver
suffered a heart attack at her home in Palm Coast,
Fla., and was in and out of consciousness. When
she awoke in her hospital room two days later, a
nurse asked Weaver what drugs she had been taking
to treat her diabetes. Weaver has never had
diabetes, a disease that can lead to foot problems
severe enough to require amputation. "They could
have given me insulin," Weaver said. "There's a
whole different heart procedure that covers people
with diabetes." Diabetes experts said those
procedures would have been unlikely to threaten
Weaver's life. A hospital spokeswoman declined to
answer questions about Weaver's case. Weaver
doesn't know how her identity was compromised, but
identity fraud is easy when so many in the medical
field have access to intimate records and patients
are admitted without having to prove who they are.
At New York homeless shelters, state Medicaid
identification cards once could be rented for as
little as $2 a day, said Harvard's Sparrow, who
has seen overlapping pregnancies claimed under the
same name. In Veterans Affairs hospitals, some
eligible veterans have their identities assumed by
brothers or cousins who have easy access to their
documents, said Richard Ehrlichman, the
department's assistant inspector general.
Sometimes it's the doctors who commit identity
fraud to collect insurance payments for work they
didn't perform. A Boston-area psychiatrist,
Richard Skodnek, was convicted a decade ago of
fraud after falsifying diagnoses, treatment
sessions and entire patient histories. His
victims, some of whom discovered that their
insurance benefits had been exhausted, had to
struggle to clear their records. In perhaps the
most sensational case, a Chicago podiatrist under
grand jury investigation for exaggerating the work
he performed shot and killed one of his patients
in 2002 when she refused to lie on his behalf.
Ronald Mikos was convicted of the murder last
year.
Many insurance companies have hotlines for
reporting fraud against them, and they sometimes
refuse to pay suspicious hospital bills. But that
often doesn't do the identity theft victims any
good: They still have to make their own cases to
the hospitals, the bill collectors and the credit
agencies. In Weaver's case, getting the insurance
company involved made things worse. After Weaver
realized she was being billed for an amputation
she never had, she told her insurance company,
which refused to pay as well. In the hospital's
eyes, that left Weaver responsible for the whole
$66,000 surgery bill, instead of just her
deductible.
Collection agencies didn't care about her
explanation. Each tacked on a fee and resold the
collection contract to the next agency down the
line. That made correcting Weaver's credit report
especially difficult, because after she
established that she wasn't responsible for one
amount billed on a certain day, the credit bureau
would receive notice of a new amount with a
different date, even though it was based on the
same bogus debt. Even when identity theft victims
avoid health complications, the legal side effects
can be terrible.
Anndorie Sachs of Salt Lake City found that out in
April during a phone call from Utah's social
services department. The social worker told Sachs
that her hospitalized infant had tested positive
for methamphetamine. The state planned to take
away the baby, along with her siblings at home.
Sachs, a mother of four, said that she hadn't
delivered a baby in two years. "I was freaking
out," said Sachs, 27. "She was not going to
believe a word. She said: 'You're Anndorie Sachs.
You're on the birth certificate. We know your
other kids are being exposed to this too.' " After
the social worker grilled Sachs' 7-year-old about
whether her mother had been to the hospital
lately, the agency relented. Months earlier,
Sachs' driver's license was stolen from her
husband's car. It eventually emerged that a woman
named Dorothy Bell Moran had used that license
when she checked into the hospital to give birth.
Already wanted on other charges related to
identity theft, authorities said, Moran hadn't
wanted to use her own name for fear of getting
caught. (She was later arrested on the earlier
charges.) Sachs had to hire a lawyer to
disentangle the legal and medical records, and she
is still fighting a collection agency over the
medical bill. As with Weaver and other victims
interviewed, the Utah hospital cited the health
insurance law and refused to show Sachs her files
after she told them someone else's paperwork was
included. After Sachs went to the local media,
officials agreed to delete both women's records.
Just to be safe, when Sachs contracted a kidney
infection, she chose a hospital that neither she
nor the impostor had used. But some records had
been shared electronically, and the hospital had
the impostor's blood type down as Sachs' — setting
up a possible fatal error. Fortunately, staffers
had drawn blood and double-checked. When they
reviewed other data with Sachs, she found they
also had the wrong emergency contact name and
number. The increased use of electronic records
such as the ones that dogged Sachs could worsen
the spread of medical errors caused by identity
theft.
In the last year, the Senate and the House have
passed broad bills pushing for wider use of
electronic health records. Supporters, including
many big technology firms and insurers, said the
plan would increase efficiency, reduce error rates
and provide earlier warnings about public health
problems. Such a system could also make correcting
medical errors easier — but only if patients catch
them beforehand, and only if the service providers
agree to change them. As the web of electronic
distribution expands beyond the current pilot
projects, more people will see medical records.
That could increase identity theft while making
existing errors harder to resolve, said Joanne
McNabb, chief of the California Office of Privacy
Protection. "There is added risk that we've seen
all over the place with electronic data," McNabb
said. "It can go to the wrong place at the wrong
time very easily."
|
