Medical identity theft

From Clinfowiki
Jump to: navigation, search

Medical identity theft is the use of stolen patient medical and financial information to receive medical services or submit fraudulent medical claims.[1,2] In 2009, Federal Trade Commission (FTC) has reported more 300,000 victims of medical identity theft.[9] It is estimated that medical identity thefts cost anywhere from $80 to $120 billion each year.[4]

This type of identity theft is particularly more damaging than financial identity theft because it can potentially lead to misdiagnosis, unnecessary treatments, incorrect prescription of medication that can lead to death and it can affect legitimate insurance claims.[1,4,5,6]

Two categories of medical identity theft

There are two categories of medical identity theft. The first category is the use of personal medical information for the purpose of receiving unauthorized medical services and goods. The second category is the use of stolen personal information to obtain money through fraudulent medical claims.[1]

With the prevalence of electronic medical records (EMR), its accessibility, ease of duplication and the advance of information technology, the risk of medical identity theft is much greater and more common.[1,2,6,8]

For consumers, the AHIMA e-HIM Work Group on Medical Identity Theft recommends the following to protect against medical identity theft [3]:

  • share medical and financial information only with trusted individuals
  • monitors the benefits paid by insurers
  • clarify with the insurer any suspect charges
  • keep a copy of health records for reference
  • monitor credit report for medical expenses
  • protect all health insurance-related documents
  • keep health or insurance information from solicitors

For health providers, World Privacy Forum recommends the following best practice guidelines to protect against medical identity theft [7]:

Implement a set of standard federal procedures to handle medical identity theft.

  • Creation of Red Flag alerts much similar to the ones implemented for financial identity theft.
  • Remove all the fraudulent medical information from the patients medical file.
  • Designate trained personnel to handle medical identity theft.
  • Focus on effective approaches
  • Implement medical identity theft risk assessment program
  • Educate the healthcare professionals.
  • Educate the patients.


  1. Rinehart-Thompson, Laurie A. "Raising Awareness of Medical Identity Theft: For Consumers, Prevention Starts with Guarding, Monitoring Health Information" Journal of AHIMA 79, no.10 (October 2008): 74-75, 81.
  2. Terry M. Medical identity theft and telemedicine security. Telemed J E Health. 2009 Dec;15(10):928-32.
  3. AHIMA e-HIM Work Group on Medical Identity Theft. "Mitigating Medical Identity Theft." Journal of AHIMA 79, no.7 (July 2008): 63-69.
  4. Gillette W, Patrick TB. Medical identity theft: an emerging problem for informatics. AMIA Annu Symp Proc. 2007 Oct 11:964.
  5. Dixon, P. Medical Identity Theft: The Information Crime that Can Kill You. World Privacy Forum. 2006. Retrieved May 22, 2011 from
  6. Springer R. Medical identity theft--red flag and address discrepancy requirements. Plast Surg Nurs. 2009 Apr-Jun;29(2):131-4.
  7. Responses to Medical Identity Theft: Eight best practices for helping victims of medical identity theft. World Privacy Forum. 2007. Retrieved May 22, 2011 from
  8. Mancilla D, Moczygemba J. Exploring medical identity theft. Perspect Health Inf Manag. 2009 Sep 16;6:1e.
  9. 9. Protect Yourself From Medical Identity Theft ABC News [Online]. 2011 Mar 1 [cited 2011 May 21]; [1]

Submitted by Joshua Lim