Latest

World Privacy Forum Comments on "Red Flag" Guidelines for Identity Theft, Requests Addition of Medical Identity Theft to Red Flag Rule

Identity theft | medical identity theft -- The World Privacy Forum filed comments with the Federal Trade Commission, the Treasury, and other federal agencies today regarding the joint draft rule on "Red Flags" for identity theft. In its comments, the World Privacy Forum requested that medical identity theft be added to several aspects and portions of the proposed rule. Adding medical identity theft to the rule is essential to help close gaps in protection for consumers and to encourage health care providers to attend to victims' challenges and needs regarding medical identity theft.

Public Comments: August 2006 - FTC Complaint About Search AOL Data Releases

Internet privacy -- The World Privacy Forum announced today that it would be filing a complaint with the Federal Trade Commission about the posting by AOL of a portion of its users’ search data on the Internet. While the data was not expressly identified by name, the search queries themselves included in some cases personally identifiable information such as individuals’ names, Social Security Numbers, and myriad other personal information. The World Privacy Forum urges consumers to take precautions when using search engines.

World Privacy Forum Announces Plans to File FTC Complaint About AOL Search Data Release

Internet privacy -- The World Privacy Forum announced today that it would be filing a complaint with the Federal Trade Commission about the posting by AOL of a portion of its users’ search data on the Internet. While the data was not expressly identified by name, the search queries themselves included in some cases personally identifiable information such as individuals’ names, Social Security Numbers, and myriad other personal information. The World Privacy Forum urges consumers to take precautions when using search engines.

AOL Releases The Unfiltered Search Histories Of 657,000-Plus Users; World Privacy Forum Filing FTC Complaint

AOL released three months’ worth of the detailed search queries of 657,000-plus of its users. The approximately 20 million search queries and the additional data on users’ click-throughs to web sites in the search results are generally highly revealing of individuals’ personal, financial, political, medical, religious, and other preferences as well as the businesses and people they associate with.

World Privacy Forum Comments on Privacy Issues Relating to a Nationwide Genetic Research Project

Genetic privacy -- The collection of DNA material from 500,000 to 1,000,000 or more individuals as part of a large U.S. medical research project raises many challenging ethical, legal, and privacy issues. An advisory committee reporting to the Office of the Secretary of Health and Human Services ( the Secretary's Advisory Committee on Genetics, Health and Society) has published a detailed analysis of the issues such a project and its associated databases and biobanks would raise in a draft report. The committee's final report and policy recommendations will be submitted to the Secretary of HHS. The World Privacy Forum has submitted public comments on the draft; the comments include key policy recommendations. The Forum's recommendations include the need to provide protection from compelled disclosure of information, the necessity for a full-time project privacy officer with enforcement power, the need to address identifiability issues, and the need for a far-reaching and robust privacy policy that exceeds the requirements of HIPAA, among other recommendations.

Public Comments: July 2006 - WPF comments on draft report "Policy Issues Associated with Undertaking a Large U.S. Population Cohort Project on Genes, Environment, and Disease.

The collection of DNA material from 500,000 to 1,000,000 or more individuals as part of a large U.S. medical research project raises many challenging ethical, legal, and privacy issues. An advisory committee reporting to the Office of the Secretary of Health and Human Services ( the Secretary's Advisory Committee on Genetics, Health and Society) has published a detailed analysis of the issues such a project would raise in a draft report. The committee's final report and policy recommendations will be submitted to the Secretary of HHS. The World Privacy Forum has submitted public comments on the draft report; the comments include key policy recommendations. The Forum's recommendations include the need to provide protection from compelled disclosure of information, the necessity for a full-time project privacy officer with enforcement power, and the need for a far-reaching and robust privacy policy that exceeds the requirements of HIPAA, among other recommendations.

Step-by-step FAQ for victims of medical identity theft

Medical records privacy and how-to -- Following its report on medical identity theft, the World Privacy Forum has responded to the need for specialized advice for victims of medical identity theft. The Access, Amendment, and Accounting of Disclosures: FAQs for Medical ID Theft Victims is the first resource of its kind, and is intended to help victims navigate the complicated process of correcting medical files and recovering from the unique harms of medical identity theft. The FAQ includes sample letters to use, as well as step-by-step advice on how to get a copy of health records, ask for changes to health records from healthcare providers, and ask for a history of disclosures of health records.

World Privacy Forum comments on Medicaid Program and State Children's Health Insurance Program Systems Notice; requests changes

Agency comments / Medical privacy -- The World Privacy Forum submitted comments to the Centers for Medicare & Medicaid Services requesting that it amend a Systems of Records Notice to address an oversight and address other privacy issues. The Forum requested that CMS add a reference in the system notice to Executive Order 13181 of December 20, 2000, “To Protect the Privacy of Protected Health Information in Oversight Investigations.” The Forum also requested that the routine uses be revised to reflect the HIPAA requirements as appropriate when the disclosures involve HIPAA records.

Public Comments: June 2006 - Medicaid Program and State Children's Health Insurance Program Systems Notice

The World Privacy Forum submitted comments to the Centers for Medicare & Medicaid Services requesting that it amend a Systems of Records Notice to address an oversight and address other privacy issues. The Forum requested that CMS add a reference in the system notice to Executive Order 13181 of December 20, 2000, “To Protect the Privacy of Protected Health Information in Oversight Investigations.” The Forum also requested that the routine uses be revised to reflect the HIPAA requirements as appropriate when the disclosures involve HIPAA records.

Consumer Fraud Alert: Bogus Job Ads Pose Potential Harm to Consumers

The World Privacy Forum and the Privacy Rights Clearinghouse have become aware of a nationwide job scam currently in action. We are advising job seekers to avoid any response to job ads coming from Macrocommerce Intersales and to be aware of the high potential for financial fraud and /or identity theft if they have already responded to job ads from this company.

Public Comments: May 2006 - US Civil Society Organizations (CSO)

EPIC filed comments with the Department of Commerce, which the World Privacy Forum joined. The Office of Technology and Electronic Commerce solicited comments on the development and implementation on “cross-border privacy rules” in the Asia PacificEconomic Cooperation Group (APEC). Seven groups submitted the comments on behalf of civil society organizations (CSO) in the United States concerned about privacy in order to urge the strengthening of privacy rules in the Asia Pacific Economic Cooperation Group.

Medical Identity Theft: Part I - Summary

THE DANGEROUS IMPACT OF MEDICAL IDENTITY THEFT MEDICAL IDENTITY THEFT, THE CRIME THAT HAS HIDDEN ITSELF ALL TOO WELL THE VICTIMS’ PERSPECTIVE: LACK OF RECOURSE, LACK OF RIGHTS, AND LACK OF HELP ELECTRONIC RECORDS, HEALTH NETWORKS, AND THE CHALLENGES MEDICAL IDENTITY THEFT BRINGS TO BOTH MEDICAL IDENTITY THEFT VICTIMS ARE FALLING THROUGH GAPS BACKGROUND OF THIS REPORT FINDINGS RECOMMENDATIONS

Medical Identity Theft: Discussion - Definition of Medical Identity Theft

Medical identity theft occurs when someone uses a person’s name and sometimes other parts of their identity – such as insurance information or Social Security Number-- without the victim’s knowledge or consent to obtain medical services or goods, or when someone uses the person’s identity to obtain money by falsifying claims for medical services and falsifying medical records to support those claims.

Medical Identity Theft: Discussion - Medical Identity Theft by the Numbers: How Prevalent is this Problem?

STATISTICS SPECIFIC TO MEDICAL IDENTITY THEFT Federal Trade Commission Medical Identity Theft Complaints Social Security Administration/Office of Inspector General (SSA/OIG) Hotline Data FTC 2003 Identity Theft Survey Identity Theft Resource Center 2003 and 2004 Survey Number of Prosecutions Conclusions regarding the medical identity theft indicators BACKGROUND: GENERAL STATISTICS ON IDENTITY THEFT BACKGROUND: GENERAL STATISTICS ON HEALTH CARE FRAUD Hotline Statistics Referrals the Inspector General’s Office of HHS took Some Form of Action On

Medical Identity Theft: Discussion - How People Have Discovered They are Victims of Medical Identity Theft

COLLECTION NOTICES RECEIPT OF SOMEONE ELSE’S BILLS NOTIFICATION BY LAW ENFORCEMENT OR AN INSURANCE COMPANY NOTIFICATION BY A HEALTH CARE PROVIDER MEDICAL PROBLEM AT AN EMERGENCY ROOM NOTIFICATION OF DATA BREACH BY A MEDICAL PROVIDER DENIAL OF INSURANCE COVERAGE, NOTIFICATION THAT BENEFITS HAVE RUN OUT, OR “LIFETIME CAP” HAS BEEN REACHED REVIEW OF EXPLANATION OF MEDICAL BENEFITS NOTICES

Medical Identity Theft: Discussion - Some Dynamics of Medical Identity Theft

The intentional submission of false claims is the core of health care fraud, and the intentional misuse of personally identifying information is the core of identity theft. Medical identity takes elements from both crimes: medical identity theft is the intentional misuse of personally identifying information to receive medical goods or services, and it usually involves the creation of false medical records, or false entries into existing medical records.

Medical Identity Theft: Discussion - Recourse and Recovery Issues for Victims

Victims of medical identity theft may need help with recovery in the area of correcting medical files and insurance records. They may also need help in the area of correcting financial information. In the area of financial recovery, multiple excellent resources exist for consumers. But in the area of medical and insurance information correction and recovery, victims will not find nearly the same resources or availability of recourse.