SAN FRANCISCO (KPIX 5) — When most people think of identity theft, they might worry about the impact to their credit. There is another concern when your personal identification information gets stolen… medical identity theft.
Picture this. You go away on vacation and while you are gone thieves break into your house and steal your social security card and maybe an expired state issued ID card you have lying around. Then, the bandit sells your ID on the street for say, fifty bucks.
The buyer takes your ID and walks into the ER at a local hospital asking to see a doctor. She gets medical treatment and you get billed. You have just become one of the thousands of people a year who have their medical identity stolen.
Melissa, who asked KPIX5 that we not use her last name, found herself in a similar situation early this year. She came back from a vacation to discover her expired California ID card and social security card had been stolen from her home while she was away.
About a month later Melissa began receiving bills that another woman had incurred while seeking medical care at three different Bay Area medical providers. While Melissa doesn’t know for sure how the thief got her ID, she is pained by what happened next.
“She walked straight into one of the hospitals,” said Melissa. “And they found my identification on her.”
The ID thief’s first stop was a skilled nursing facility that didn’t have an ER. Lobby personal called an ambulance to take the woman to another nearby hospital that does have emergency care services. During the process medical personal generated a “face sheet” for the ID thief — a document that contains a patient’s name, insurance information and vital statistics. In other words, when Melissa’s ID thief came through the ER doors, she had already assumed Melissa’s identity during the ambulance ride in.
“In the ER that is difficult because all that matching activity is done further down the line,” said California Pacific Medical Center’s Dean Fryer. “When you come into the emergency room the primary function of the ER is to stabilize the individual who is coming in for treatment.”
Fryer says there is no way for an individual like Melissa to prevent personal information from being used in an ER to get treatment. He points out that ER medical care providers are prohibited by Federal Law from asking for identification prior to giving a patient care.
HIPAA (Health Insurance Portability and Accountability Act) laws can also act as a double edged sword when someone like Melissa is trying to clean up after a medical identity theft. That’s because once it is determined that identity theft has taken place, all associated records are redacted from the ‘real’ individual’s medical file. Then only the person who was treated, in this case the identity thief, can gain access to that medical information.
Melissa has spent hundreds of hours trying to remedy the nearly $6000 in bills her ID thief generated. All three medical care providers, including both hospitals and the ambulance company have cleared up nearly every bill she received. Still, Melissa fears what might come next since her information is still out there.
“Dozens of hours of my life and time are gone,” said Melissa. “From this visit that only lasted several hours.”
Police have told KPIX5 that an arrest has been made in this case but law enforcement has no further details at this time.