We use cookies to deliver our online services. Details of the cookies we use and instructions on how to disable them are set out in our Cookies Policy. By using this website you agree to our use of cookies. To close this message click close.

FTC Posts Guidance for Providers and Insurers on Medical Identity Theft

09 February 2011

Shining a new spotlight on health data breaches, the Federal Trade Commission recently posted a frequently asked questions guide to medical identity theft for health care providers and insurers. Medical identity theft occurs when one person obtains health care services or prescription drugs using the identity of someone else, or when those working in a health care provider setting use an individual's personal information to submit false bills to an insurer. People victimized by medical identity theft often realize the theft has occurred when they get a bill for a service they did not receive, are contacted by a debt collector for medical bills for services thy never obtained or from doctors they never saw, or are denied insurance because their records are incorrect. The guide makes clear that if a patient reports being a victim of medical identity theft, providers and insurers are expected to conduct an investigation and correct any incorrect information, follow the applicable rules of the Fair Credit Reporting Act, review their data security practices, and provide notification as required under HIPAA or other federal or state security breach notification laws. The guidance for health care providers and insurers follows on guidance posted last month for consumers on how to prevent and detect medical identity theft. 

Cybersecurity in the Health Sector

The health sector is under siege with cybersecurity threats. Some of the largest announced cyber attacks in U.S. history have targeted organizations in the health industry. Regulators have...

02 May 2016
Loading data