By KEREEN MULLENBACH, RN, PhD
Radford University School of Nursing

A woman is admitted to an emergency room, and as part of the routine a nurse does an assessment. Something's wrong. The nurse turns to the woman and says, "It looks like the blood type information on your chart is wrong." A minor error? Hardly. If the woman had been unconscious and needed blood, the transfusion could have killed her. Someone had come to that ER claiming to be her, received care and in the process changed her blood type.

Medical ID Theft
This crime is called medical identity theft and is the fastest growing information crime. It is far more serious than losing credit rating, as bad as that is, because medical identity theft changes medical information and can cost money, cause lost benefits and threaten life. Everyone needs to be aware of this crime, but it doubly affects nurses, who need to protect the health of their patients as well as their own. And this is never so imminent as now when the shortage of nurses puts more pressure on them to do more in less time.

Here's what happens: Someone else claims to be you and receives care. The bill is submitted to your insurance company. If all or part of the care is not covered, you will eventually be held responsible. One woman, for example, checked her "Explanation of Benefits" and found that her insurance had paid for several respiratory treatments for her son. These were treatments that he never received and did not need.

Steals medical info
How does this happen? In some cases, when your purse or billfold is stolen, the perpetrator not only uses your credit cards for purchases, but uses your personal information to access health care. In the 2006 issue of the World Privacy Forum Report, the following examples appear. A patient in New England claimed to be his cousin and received $84,000 of care, which the hospital is still trying to collect. A marine who lost his wallet in North Carolina, then went to Iraq, was notified by bill collectors that he owed $40,000 for five visits to ERs in three different cities. While he notified his bank about his credit cards and received a new license, he never thought that someone would use his old ID to get health care and in the process, change his address and phone number. (Thieves change the address so that the bills do not go to the victim alerting them.) As a result of this theft, his credit rating dropped and he is stuck with legal fees trying to prove that he did not receive the care or owe the money. In addition, his medical record now contains information that is false.

Think about where health information is kept: doctor's offices, hospitals, pharmacies, and Human Resources, to name a few. Trying to correct misinformation in a medical record can be a nightmare, as the federal law HIPPA protects the thief and the information that was put in the record. A correction might mean asking each provider to put a note in the file about the bad information. Otherwise, misinformation could be sent to other providers.

New Regulation
There is now a new regulation issued by the Federal Trade Commission (2008), called the Red Flags Rule. These regulations apply to all financial institutions and creditors, which can include hospitals and clinics. Under these regulations, companies must implement identity theft prevention programs that identify and detect "Red Flags" signaling possible identity theft. Companies establishing such programs must create policies and procedures not only to recognize and detect Red Flags, but also to prevent or mitigate potential identity theft. This regulation went into effect in November of 2008. Under this regulation, health care providers must take action when notified about inaccurate information.

Nurses can help
Meanwhile, prevention is the best medicine for both victims and nurses. To prevent becoming a victim of medical identity theft:
. Carefully examine all Explanations of Benefits (EOB).
. Ask all providers to let you see your record and to tell you where they have shared your information.
. Check with your insurance company on what benefits you have.
. Guard your social security number.
. Ask about the security of your medical information if computerized records are used. Nurses should also take an active role in prevention:
. Be alert to discrepancies when looking at a patient's chart or other medical information.
. Never leave files in any place that can be accessed by unauthorized people.
. If you have any doubts about the identity of a patient, ask to see a photo ID.

Kereen F. Mullenbach, RN, PhD is an Assistant Professor of Nursing at Radford University. Currently she is teaching Nursing Research and Leadership and will soon be teaching Health Care Systems, Informatics and Health Care Policy in the Doctor of Nursing Practice (DNP). A graduate of Loyola University Chicago School of Nursing, Dr. Mullenbach is currently President of District 2, VNA. She can be contacted at krmullenb@radford.edu