Advertisement
AlertSubscribe to Email Alert
American Medical News

American Medical News

Advanced
 
BUSINESS

Identity crisis: Protect yourself from ID theft

You can make yourself less of a tantalizing target for an information thief.

By Tyler Chin, amednews staff. Oct. 13, 2003.

  • PRINT|
  • E-MAIL|
  • RESPOND|
  • REPRINTS|
  • Share SHARE Share
  •  

Jonathan L. Pollitte, MD, an internist in Johnson City, Tenn., was terrified that his medical career would be derailed just as it was being launched.

Unknown to Dr. Pollitte, a former employer had obtained a unique physician/practitioner identification number under his name and used it to submit more than $2 million in bogus claims to Medicare.

Dr. Pollitte eventually convinced federal investigators he was innocent, but not before losing 20 pounds in 15 days because he was so anxious and stressed out about his career and family's future, said Bruce Shine, the Knoxville, Tenn., attorney who represented him.

Dr. Pollitte was among the estimated 9.9 million Americans who were victimized by some form of identity theft last year, according to a survey released Sept. 3 by the Federal Trade Commission. That survey figure was higher than two other estimates by Gartner Inc. and Harris Interactive Inc., which in July pegged the number of victims within the previous 12 months at 7 million.

Identity theft occurs when crooks misuse someone else's personal information for their own gain. That includes obtaining bank accounts, credit cards, loans, utilities, mortgages and merchandise under that person's name. The crime can ruin victims' finances, credit ratings and reputations, and exact a heavy emotional toll as victims go through an often-frustrating and time-consuming process to clear their names, experts say.

In 2002, the crime cost businesses and consumers $53 billion, the FTC survey found. Because people's personal information is so readily available, identity theft cannot be prevented entirely. But physicians can reduce the risk of being victimized by being careful about how they manage sensitive information such as Social Security numbers and birth dates, said Betsy Broder, assistant director in the FTC's division of planning and information.

Crooks usually steal information through low-tech methods: swiping wallets, purses and mail, and "dumpster diving," or rummaging through trash, she said. But identity thieves can also steal information online.

Criminals, of course, constantly attempt to hack into the computer networks of financial and health care organizations. But now they're increasingly "phishing" for individual information. Con artists cast their nets by posing as well-known corporations and sending logo-studded, official-looking e-mail to would-be victims, urging them to update their account information by clicking on a hyperlink, which goes to a look-alike Web page.

Insider info

But most identity thefts are inside jobs. They are committed by dishonest people in trusted positions in a physician office, hospital, company, government agency or other entity with access to people's personal information, Broder said.

That is how Dr. Pollitte's identity was stolen after he joined Accumed Medical Services Corp., which had hired him part-time to perform screenings related to life and disability insurance policies.

9.9 million Americans were victimized by identity theft last year.

Dr. Pollitte was out of the country at press time and could not be reached for comment. He learned he was under investigation when he received two telephone calls within days of each other last year, according to his attorney, Shine.

Shortly after a private insurer inquired about some claims he allegedly had submitted, the U.S. Dept. of Health and Human Services asked Dr. Pollitte to explain more than $2 million in billings to Medicare.

Dr. Pollitte told the insurer and investigators from HHS and the Federal Bureau of Investigation that he did not file the claims and had not treated the patients associated with them, Shine said. But it took a while for officials to come around because they suspected Dr. Pollitte of "trying to make a killing to pay off" his medical school debt, Shine said.

To prove his innocence, Dr. Pollitte wore a wire and turned over all of his financial records so authorities wouldn't think he was hiding something, Shine said. "The first thing doctors ought to do in this sort of instance is to totally cooperate with law enforcement."

On Feb. 27, the federal government filed criminal charges against Craig Robert Lodge, who owned Accumed with his wife, Mailee Renae Lodge. Craig Lodge pleaded guilty April 28 to stealing the identity of Dr. Pollitte to fraudulently bill Medicare for more than $2 million from September 2000 through January 2003. Half of that was paid out to Accumed before the fraud was discovered, according to Lodge's plea agreement with prosecutors. He also admitted stealing Dr. Pollitte's identity to obtain controlled substances and falsely bill private insurers for $52,000.

Lodge also admitted stealing the identities of two other Johnson City physicians -- Asa A. Peek, DO, who until this year was an obstetrics-gynecology resident at a local hospital, and Guha Krishnaswamy, MD, an internist. Lodge used the physicians' names to obtain loans to buy a 45-foot powerboat for $249,000, and lease a Mercedes Benz and a sports utility vehicle.

Lodge is awaiting sentencing, pending the trial of his wife. She was indicted May 13 on 14 counts of Medicare and other fraud. Her trial is scheduled to start Oct. 29.

Protecting yourself

While physicians aren't at greater risk than anyone else for having their identities stolen, they are appealing and vulnerable targets to crooks familiar with the industry's billing and payment practices, said Bill Mahon, CEO and president of the Washington, D.C.-based National Health Care Anti-Fraud Assn, a nonprofit group made up of health insurers and governmental authorities responsible for policing health insurance fraud.

"The problem isn't rampant, but it's significant," Mahon said. "Physicians just need to be watchful for anything that seems out of the ordinary in terms of their financial transactions."

Physicians may appeal to some criminals with poor credit histories because they know companies view doctors as good credit risks, believes Neil Smith, the assistant U.S. attorney prosecuting Lodge.

But short of catching a lucky break and implementing good internal controls, there isn't much physicians can do that would allow them to realize that their identity has been hijacked before HHS, the Internal Revenue Service or collection agencies come knocking, he said.

One thing they can do, however, Mahon suggested, is ask patients to report receiving any insurance company explanation of benefits forms for services that were never performed.

Back to top

 ADDITIONAL INFORMATION: 

How to cut your risk

  • Run background checks on potential employees; implement internal financial controls.
  • Ask patients to tell you if they get statements from insurers for services you didn't perform.
  • Be wary if you stop receiving mail from parties you conduct business with, receive large checks from insurers that you can't reconcile, or receive misdirected letters and odd calls.
  • Keep prescription pads in a safe place; protect your Medicare, DEA and employer tax numbers.
  • Log off after remotely accessing sensitive information on your PC or financial institution's server. Crooks are known to rig computers and ATMs in public places to capture users' personal information.
  • Install and update anti-virus and firewall software.
  • Don't carry your Social Security card; carry only a minimum amount of identification.
  • Don't write your Social Security, driver's license or credit card numbers on checks.
  • Give out your Social Security number only when necessary.
  • Keep a list of the names, account numbers and phone numbers of your financial institutions and creditors so you can close accounts immediately if your wallet is stolen or lost.
  • Call 888-567-8688 to opt out of pre-approved credit card offers.
  • Shred documents containing personal information.
  • Install a locked mailbox; promptly remove mail.
  • Take correspondence containing sensitive information to the post office.
  • Review financial statements for unauthorized activity.
  • Be aware of billing cycles; if a bill doesn't arrive on time, contact the financial institution.
  • Ask the post office to hold mail while you're on vacation.
  • Check your credit report at least once a year.
  • Keep the number of credit cards to a minimum. Cancel cards you stopped using.
  • Check privacy polices of banks, brokerages and mutual fund firms and follow the steps to stop them from sharing your information.
  • Never give out personal information unless you have initiated the call or entered the Web address of a company you know is authentic. If you submit personal information online, make sure the "lock" icon is displayed.

Back to top

If you've been victimized

  • Immediately alert one of the three major credit reporting bureaus -- Experian, Equifax Inc. or Trans Union LLC.
  • Ask that company to place a fraud alert on your credit file and to forward a copy to you. That company will contact the other two, which will then place fraud alerts on your files and send you a copy.
  • Check your credit report three months after the crime and at least once a year thereafter. Identity theft victims are entitled to one free credit report but may have to pay $9 for each subsequent copy.
  • Scrutinize the reports closely for errors and unauthorized activity.
  • Contact the institution that issued the fraudulent accounts to explain what happened and have the accounts closed. The institutions most likely will require you to submit a form; many accept a standard form available on the Federal Trade Commission's Web site.
  • Report the crime to local police and police in the jurisdiction where it occurred. Get a copy of the complaint because it will help convince creditors of your innocence.
  • File a complaint with the FTC.
  • Offer authorities access to all financial records if someone defrauds insurers under your name.

Back to top

Types of identity theft

  • Financial: Identity thieves open or drain existing bank accounts, or obtain credit cards, loans and goods and services under someone else's name and Social Security number.
  • Criminal: The thieves give the name and personal information of someone else instead of their own to law enforcement, resulting in authorities citing and arresting the wrong people.
  • Cloning: Criminals actually work and live their lives under the names of those whose identities and personal information they have ripped off.
  • Business or commercial: Crooks open credit cards and financial accounts under the name of businesses rather than an individual.

Source: Identity Theft Resource Center

Back to top

One doctor encounters a serial identity thief

It's bad enough when an identity thief uses your personal information for financial gain. But what if that happened not once, but five times? And what if that thief was also treating patients under your name?

That's what happened to Gerald C. Barnes, MD, an orthopedic surgeon in Stockton, Calif. Five times during a 20-year period, a man born Jerald Barnbaum, who in 1970 changed his name legally to Gerald Barnes, has stolen Dr. Barnes' identity.

"It's probably one of the most extreme cases of identification theft that we've seen both in terms of the number of years that it was carried on and the elaborate deceptions that were involved," said Dan Saunders, an assistant U.S. attorney in California who recently prosecuted the not-doctor Barnes.

Barnbaum/Barnes used the real physician's name and credentials to obtain employment as a doctor at several clinics in the Los Angeles area between the late 1970s and 2000.

The phony physician was convicted in 1981 for involuntary manslaughter after a patient died. He also was convicted in 1984 and 1989 on state charges related to impersonating Dr. Barnes.

In 1996, the false doctor was sentenced on federal charges to 12½ years in prison for posing as Dr. Barnes a fourth time. He escaped in August 2000 and was arrested a month later, working as "Dr. Barnes" in a Los Angeles clinic.

This earned the phony physician a second federal grand jury indictment last February. On Sept. 18, he pleaded guilty in a California federal court to mail fraud, distributing controlled substances, using Dr. Barnes' Drug Enforcement Administration number and stealing Dr. Barnes' identity to buy a car. Scheduled to be sentenced on Dec. 8, the fake physician faces up to 38 years imprisonment on top of the 15 years he already is serving, including 2½ years for escaping.

The real Dr. Barnes did not return calls for comment.

Back to top

Weblink

"Identity Theft Survey Report," Federal Trade Commission, September, in pdf (www.ftc.gov/os/2003/09/synovatereport.pdf)

Federal Trade Commission's consumer resources on identity theft (www.consumer.gov/idtheft)

Identity Theft Resource Center (www.idtheftcenter.org)

Identity theft resources from the Privacy Rights Clearinghouse (privacyrights.org/identity.htm)

Equifax Inc., with online credit reports (www.equifax.com)

Experian, with online credit reports (experian.com)

Trans Union LLC, with online credit reports (www.transunion.com)

Back to top

Copyright 2003 American Medical Association. All rights reserved.
RELATED CONTENT
» A hard sell on DME: How suppliers try to game Medicare  Sept. 1
» Can you be conned? Doctors tell their money-losing tales of woe  Aug. 18
» Receivables purchasing firm NCFE declares bankruptcy  Dec. 2, 2002
» Scam artists steal doctors' identities  Sept. 16, 2002
» Phony liability insurers bilking desperate doctors  Sept. 9, 2002
 
Advertisement