Medical Identity Theft

About medical identity theft, the World Privacy Forum medical identity theft report, and our key resources

The World Privacy Forum is the leading expert on medical ID theft. We published the first major report about medical identity theft in 2006 and brought this crime to the attention of the public for the first time. We maintain up-to-date information and tips for victims, as well as conduct and publish new research.

What is medical identity theft?

Medical identity theft occurs when someone uses a person’s name and sometimes other parts of their identity — such as insurance information — without the person’s knowledge or consent to obtain medical services or goods, or uses the person’s identity information to make false claims for medical services or goods. Medical identity theft frequently results in erroneous entries being put into existing medical records, and can involve the creation of fictitious medical records in the victim’s name.

Medical identity theft is a crime that can cause great harm to its victims. Yet despite the profound risk it carries, it is the least studied and most poorly documented of the cluster of identity theft crimes. It is also the most difficult to fix after the fact, because victims have limited rights and recourses. Medical identity theft typically leaves a trail of falsified information in medical records that can plague victims’ medical and financial lives for years.

Key World Privacy Forum Medical ID Theft Resources:

 

 

See the blog roll below for news and new content by date.

 

 

World Privacy Forum Comments on “Red Flag” Guidelines for Identity Theft, Requests Addition of Medical Identity Theft to Red Flag Rule

Identity theft | medical identity theft — The World Privacy Forum filed comments with the Federal Trade Commission, the Treasury, and other federal agencies today regarding the joint draft rule on “Red Flags” for identity theft. In its comments, the World Privacy Forum requested that medical identity theft be added to several aspects and portions of the proposed rule. Adding medical identity theft to the rule is essential to help close gaps in protection for consumers and to encourage health care providers to attend to victims’ challenges and needs regarding medical identity theft.

Step-by-step FAQ for victims of medical identity theft

Medical records privacy and how-to — Following its report on medical identity theft, the World Privacy Forum has responded to the need for specialized advice for victims of medical identity theft. The Access, Amendment, and Accounting of Disclosures: FAQs for Medical ID Theft Victims is the first resource of its kind, and is intended to help victims navigate the complicated process of correcting medical files and recovering from the unique harms of medical identity theft. The FAQ includes sample letters to use, as well as step-by-step advice on how to get a copy of health records, ask for changes to health records from healthcare providers, and ask for a history of disclosures of health records.

FTC to Conduct New Identity Theft Survey; World Privacy Forum Submits Comments

Identity theft — The World Privacy Forum submitted comments in response to the Federal Trade Commission’s request for feedback on its upcoming identity theft survey. The FTC identity theft survey is one of the most quoted surveys on the subject. The World Privacy Forum requested changes and clarifications to the survey, including adding questions about security breach notices and clarifying existing questions about medical identity theft, among other issues.

Testimony of Pam Dixon, before the National Committee on Vital and Health Statistics (NCVHS) Subcommittee on Privacy and Confidentiality

The World Privacy Forum has been particularly interested in developments related to EHRs and the NHIN. Given the impetus of the 2004 Executive Order [1] mandating forward movement in these areas, and the broad impact digitized medical records will potentially have on patients and on the healthcare sector, the World Privacy Forum believes that the decisions this Committee and others shaping these efforts arrive at will be of lasting importance. Given the transition of many parts of our society from analog to digital, it is crucial to ask what this digitization will look like and to carefully examine and discuss what form EHRs and related systems should take in regards to patient choice, privacy, and security.