The incidence of physician identity theft continues to grow with the use of electronically available information. A physician should be concerned about protecting his or her identity in the same manner as any non-physician should be: by securing against theft of credit cards, social security numbers and other sensitive information; and by promptly reporting such thefts if they occur. Theft of such information can have a wide range of negative consequences, including damage to your credit history.
At the same time, you must protect against (and if necessary, report) theft of the information with which you are entrusted in your role as a physician. Physicians order drugs, make referrals and bill Medicare, Medicaid, and other private and commercial payers. Physicians should take care to protect their medical licenses and provider numbers from theft, so that they do not unwittingly become the target of Medicare or Medicaid fraud or narcotics rings. Physicians do not want to find themselves the victim of sophisticated schemes where their name and identity are used to bilk federal programs out of substantial sums of money or to improperly divert controlled substances.
The American Medical Association (AMA) has developed the educational resource, "Steps physicians should take if in danger of identity theft," to help physicians protect themselves if they believe their identity may have been stolen. This resource offers steps you should consider taking if confidential information which could enable identity theft—such as your credit cards, checkbook, or Social Security number (SSN)—has been lost or stolen. This resource also offers tips for protecting the integrity of your identity as a physician, including Medicare enrollment information.
The Centers for Medicare and Medicaid Services (CMS) has created its CMS Provider Victim Validation/Remediation Initiative (Initiative). The Initiative assists legitimate providers who have suffered unwarranted financial liability as a result of having their identities stolen by thieves who use those identities to fraudulently bill Medicare. Read more information concerning the Initiative.
What else is the AMA doing? Learn more about what AMA advocacy efforts are regarding physician identity theft issues.
Ownership and use of claims and payment data
Physician identity theft is not the only threat posed by access to physician-identifying information. A number of organizations have attempted to gain access to physician-identifying information from Medicare via court action. These organizations sought to use that information to "evaluate" physician performance or determine the amounts that individual physicians were paid.
The AMA has succeeded in blocking these attempts. In order to guide the AMA and physician advocates in future attempts, the AMA has also developed the resource, "Release of Claims and Payment Data from Government Health Care Programs." This guidance can be used in litigation, in the construction of model legislation addressing this issue, and in addressing physician concerns over possible future governmental plans to release health care data and physician-identifying information.
Issues concerning the ownership and use of physician claims data are also of vital concern to physicians and AMA advocacy. Be aware that the outside billing services and payers with which you do business may take it for granted that they own the physicians’ claims data and can use this information for purposes that you may find objectionable—for instance, to evaluate your practice’s performance.
In many cases, billing services or payers refuse to allow physicians to access their claims data, on the grounds that the data is proprietary. The AMA has developed two resources to help physicians clarify and possibly protect claims data ownership when contracting with outside billing companies and payers.
- "Data ownership issues for the physician practice and medical billing service," developed in collaboration with the Healthcare Billing and Management Association (HBMA), identifies the questions that physicians should ask prior to contracting with a billing service. This resource addresses topics such as data ownership and issues related to what happens when the relationship between the physician and billing service terminates.
- "Read your contracts: Protected Health Information (PHI)" contains model contract language designed to buttress a physician’s rights associated with claims data ownership and access when contracting with private health insurers and outside billing services.