Medical Identity Theft: Discussion – The Human Cost of Medical Identity Theft
The evidence of harm to real people from medical identity theft is unambiguous. Victims may find themselves in situations where they suffer financial losses, are billed for services that do not actually belong to them, and more. Consider these recent cases from the FTC Consumer Sentinel Hotline dating from 2006:
- “On March 20, 2006, someone used my Social Security Number at the Primary Diagnostic Clinic at Duke University to obtain medical services and I was billed for these services. The individual did not show proof of insurance or any type of ID. I have never been a patient at any Duke facility so the bill was quite a surprise.” 
- Another individual stated that someone “keeps putting in a change of address for him but he is not doing it.” This consumer also received two medical bills for a regional medical center on his credit report that were not his. 
- An Indio, California resident discovered that a new medical account had been opened at a hospital in the consumer’s name. 
- One consumer describes a nightmare of identity theft red tape: “Back in 1995 my wallet was stolen at a nearby convenience store in Elsa, Texas. There were no problems at that time until I tried to do my income tax return. They put it on hold because somebody was using my Social Security Number to work at another state. …I have also been denied credit card accounts, loans, and have been charged with accounts from another state. There is one account that I have received from Sterling ER Physicians for the amount of $339 from a collection agency that is from Trenton, New Jersey. I have never left the state of Texas …. and the person who is using my Social Security Number is receiving medical treatment.”
- A Texas consumer discovered that someone was impersonating them to receive employment at a packing company and at a dental office. 
- A concerned Houston mother called on her daughter’s behalf because her daughter was billed for unknown medical services with her Social Security Number. A credit card was opened in the daughter’s name. The mother believed it might be the father doing the harm. 
- After a car burglary, a Kentucky consumer had 7 accounts opened by an imposter. The imposter received treatment at a hospital; the bills went to collections. 
- A consumer found his father’s personal information in his own accounts, including new medical bills and new credit card bills. 
- One consumer who looked at her credit report found that an imposter using her information had rented an apartment and had obtained medical services at a Washington D.C. hospital, as well as a wireless account. 
- A Texas consumer, after receiving her credit report, found out that the suspect had used her Social Security Number at a regional medical center for $1,650 worth of medical treatment. Her Social Security Number card had been stolen. 
- An Arizona man discovered two bills on his credit report that were not his – but were listed in his name. He suspected his ex-wife may have been the culprit. 
- A Columbus resident received a bill from a health network for services that they never received. The suspect in the case was a former girlfriend. 
- One consumer called to state that an imposter had used her identity to obtain a DirecTV account and used services at a pathology lab. The medical account was turned over to collections, and debt collectors were actively trying to collect $790 from the victim. 
- A Connecticut consumer reporter that someone obtained medical services at Yale New Haven Hospital in their name, using their Social Security Number. The consumer’s checking account was also taken over by the imposter. 
- A Miami consumer whose purse was stolen told the FTC that an unknown person had obtained an AT&T wireless account, a credit card, store cards, and medical care at a regional medical center in the consumer’s name. Some of the accounts had gone to collection. 
Victims of medical identity theft may suffer financial pressures and losses. Victims have to clean up not just their medical files, but also their financial files as a result.
- In the case of a Colorado victim who had his medical identity stolen by a man who received multiple surgeries in his name, two years later he is struggling to keep his cell phone bill paid. The victim did not have insurance, and has lost property and a business due to his medical identity theft.
- One victim who wrote to the FTC said that her sister who lived with her stole her identity and used it to obtain services with Tmobile, AT&T Wireless, three different hospitals, and other businesses. This victim had financial issues to clean up, and a medical record. 
Harm From False Entries Put in Medical Record
Perhaps the most egregious victim stories in this area come from a Boston area psychiatrist who altered his patients’ records and others’ records in order to make money from fraudulent billing. The psychiatrist, for non-patients, gave them diagnoses of severe depression and in some cases drug addiction and abuse, when they were not even patients. The psychiatrist billed insurance companies for these services. Court documents from the case describe the harms:
“There is no reason to believe that this misinformation will not lead to misfortune for those whose names Skodnek used in fabricating the sessions. This is an information age. While nominally confidential, these records are vulnerable to disclosure to any number of sources. Whether it should or not, the misinformation will almost certainly have an impact on patients’ lives. It may determine whether an individual will be given a health insurance policy; it may decide whether he or she will receive government clearance; it may affect a whole host of other situations. … Dr. Skodnek’s abuse of trust — and its unquestionable impact on his patients’ lives and the lives of their family members — are very, very troubling. And, what is unusual about this fraud scheme is not that Dr. Skodnek “puffed” the time he spent but went much, much further. He created a paper trail for these patients out of whole cloth, inventing histories of mental health treatment with which those individuals must now contend.” 
This case is the best-documented case of this kind of harm. However, many victims of medical identity theft may have similar issues, they just haven’t learned about them yet.
Denial of Insurance, Insurance Caps Reached
Victims of medical identity theft can be denied insurance due to imposter activity. In the Boston psychiatrist case, the doctor used up each family member’s insurance one after the other until the benefits were “capped.”
Loss of Reputation:
When a medical file has been altered by a suspect, it becomes an albatross around the victim’s neck. A judge in the case of the Boston psychiatrist wrote:
“The evidence suggests that once the claims were entered they cannot be deleted from the system. The most that can be done is to enter a notation in the computer records to reflect that a particular claim was false. In order to accomplish this, each member is obliged to write to Blue Cross/Blue Shield disputing the individual records. Moreover, even where a notation is entered to show that the billing record was false, the insurance carrier cannot declare–and the notation will thus not reflect –whether Skodnek’s statements about diagnosis, medications prescribed and/or psychiatric symptoms of the patient were false.” 
This is true. After falsified information is entered into a patient file, that information is in that file typically for good. Most health care providers, upon learning of a mistake in the file will correct the file. But not all will.
Physician Loss of Reputation: Theft of Physicians’ Identities
Physicians may experience theft of their professional identity in association with either the commission of medical identity theft, or for other health care fraud purposes. This is an area that will need to be watched carefully for any increases. It is unknown what kind of professional education is available to physicians about this issue. This report does not consider the specific challenges physicians encounter in this situation.
- A Tennessee doctor’s professional identity was stolen, in that his Medicare provider number was obtained by a couple who then billed false claims in his name. The doctor’s provider number and name were used without the knowledge of the doctor to obtain more than $1,000,000 in payments from Cigna Medicare. 
- Nurses, too may have their professional identities misused. In 2005, New York Attorney General Eliot Spitzer brought a case against a woman who had impersonated a nurse for 2 years. This case, however, was not related to a broader health care fraud case. 
Loss of Medical Record Privacy: Subpoenas
If an individual is a victim of medical identity theft and his or her records have been altered by a physician or another individuals, those records that have been altered may be subpoenaed for a criminal or civil case against that individual. The records can be sealed by the court, but the medical history still gets floated to more parties than a trusted health care provider.
Loss of Time
The FTC 2003 survey found that identity theft victims spent an average of 30 hours cleaning up and recovering from the misuse of their identifying information. It is unknown how many hours it will take for medical identity theft victims to clean up after the crime, but evidence suggests that it may take more time because of the difficulty in amending medical records and the time it takes to follow up with insurance companies.
 World Privacy Forum FOIA to the Federal Trade Commission. FTC FOIA-2006-00601. FTC Reference No. 8079665.
 Ibid, FTC Reference No. 8079842.
 Ibid, FTC Reference No. 8078067.
 Ibid, FTC Reference No. 8078114.
 Ibid, FTC Reference No. 8077739.
 Ibid, FTC Reference No. 8077815.
 Ibid, FTC Reference No. 8079385.
 Ibid, FTC Reference No. 8078141.
 Ibid, FTC Reference No.8078943.
 Ibid, FTC Reference No. 8079056.
 Ibid, FTC Reference No. 80299279.
 Ibid, FTC Reference No. 8079611.
 Ibid, FTC Reference No. 8079613.
 Ibid, FTC Reference No. 8079713.
 Ibid, FTC Reference No. 8079862.
 Ibid, FTC Reference No. 8079524.
 United States v. Skodnek, 933 F. Supp. 1108,; 1996 U.S. Dist. LEXIS 9788 (D. D. Mass. 1996).
 “Individual arrested for criminal charges with health care fraud.” Federal Bureau of Investigation, Knoxville Division, press release, May 15, 2003. < http://knoxville.fbi.gov/pressrel/2003/kx051403.htm >.
 “Nurse imposter arrested, faces identity theft charge.”Office of New York State Attorney General Eliot Spitzer, press release, August 31, 2005. < http://www.oag.state.ny.us/press/2005/aug/aug31c_05.html >.
Roadmap: Medical Identity Theft – The Information Crime that Can Kill You: Part II Discussion – The Human Cost of Medical Identity Theft