Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
9/26/2012
1
Medical Identity TheftHealth Care Compliance Association
Clinical Practice Compliance Conference
October 16, 2012Julie K. Taitsman, M.D., J.D.
Chief Medical Officer
Christi Grimm, MPASpecial Assistant to the
Principal Deputy Inspector General
Definition
Medical Identity Theft is the appropriation of a patient’s or provider’s unique medical identifying information with the intent to
misuse this information to bill for or obtain medical goods or services from
public or private payers.
2
9/26/2012
2
Types of Medical Identity Theft
Provider identity stolen to:Authorize or order items or servicesBill insurers for items and services
Beneficiary identity stolen to:Bill insurers for items and services
never renderedBill insurers for items and services
rendered to someone other than the beneficiary
3
How Big Is the Problem?
3,600 cases reported to the FTC in 2009
CMS identified
5,000 compromised Medicare provider numbers (Parts A/B/D)
280,000 compromised beneficiary numbers
Many cases go undetected and unreported
4
9/26/2012
3
Whom Does Medical Identity Theft Hurt?
5
Health insurers Cost for fraudulent claims Resources to develop safeguards
Taxpayers Increased Medicare & Medicaid
expenses Cost to implement
protective/preventive laws & systems
Law enforcement
Beneficiaries Financial liability Service limits Corrupted medical records Compromised care
Providers Professional reputation Financial liability
Incorrect overpayment assessments
Incorrect income tax assessments
Case Study # 1
6
Fraudulent Prescriptions
9/26/2012
4
Case Study # 1Lessons &Tips
Keep track of prescription pads
Educate your patients • Be on the Lookout!
Open lines of communication with pharmacies
7
Case Study # 2
Patient Recruiting
Schemes
8
9/26/2012
5
Case Study # 2Lessons & Tips
Never authorize unnecessary items or services
Perform all necessary exams and testing before authorization
Set internal policies to avoid taking shortcuts
Choose business partners carefully
9
Directly Billing for Services Using Stolen Physician Identity
10
9/26/2012
6
Case Study # 3
Complicit Physician Allows Misuse
of Physician Identity
11
Case Study # 3Lessons &Tips
Maintain accurate medical record documentation
Ensure your records support medical necessity
Only bill and chart for the services provided
If someone else provided a service, don’t bill as if you provided it yourself
Only certify accurate and truthful claims
12
9/26/2012
7
Case Study # 4
Recruited Medical Directors
13
Case Study # 4Lessons &Tips
If it sounds too good to be true, it probably is
Choose business partners carefully
Determine how much time the position will require
Monitor the use of identifiers
14
9/26/2012
8
Consequences to Victimized Physician
Overpayment demand letters
Tax liabilities
Credit issues
Exoneration difficulties
Damaged reputation
15
What Can You Do to Protect Yourself?
Actively manage enrollment information with payers
Monitor billing and compliance processes
Control prescribing authorities and medical identifiers
Choose staff and business partners carefully
16
9/26/2012
9
Consequences to Victimized Beneficiary
Financial liability
Denial of services
Difficulty accessing needed care
Corrupted medical records and compromised care
17
What Can You Do to Protect Your Patients?
Hire and supervise staff carefully
Store medical records and other documents with patient information securely
Use computers and mobile digital devices responsibly
Educate your patients to protect themselves
18
9/26/2012
10
Resource for Patient Education
19
What Can You Advise Your Patients to Do to Protect Themselves?
Guard your card
Only give information to providers you trust
Don’t reveal personal information to strangers
Hang up or walk away
Review all medical bills, summary notices, and explanation of benefit statements
Don’t “share” your card20
9/26/2012
11
Some Risks Are Beyond Your Control
Public access to physician identifiers
Large number of providers with legitimate access to identifiers
Use of Social Security numbers as beneficiaries’ Medicare numbers
21
If You Identify Fraud, What Next?
Report medical identity theft to:
Local law enforcement State Medicaid Agencies (SMA) Federal Trade Commission (FTC) HHS-OIG CMS regional offices
CMS CPI identity remediation process for providers
22
9/26/2012
12
Where Should Beneficiaries Report Identity Theft?
State Medicaid Agency (SMA)Website: http://www.cms.gov/Medicare-Medicaid-Coordination/Fraud-
Prevention/FraudAbuseforConsumers/Downloads/smafraudcontacts.pdf
Federal Trade Commission (FTC)Phone: 1-877-438-4338 (1-877-ID-THEFT)
TTY #: 1-866-653-4261Website: http://www.ftc.gov/bcp/edu/microsites/idtheft/
HHS-OIG HotlinePhone: 1-800-447-8477 (1-800-HHS-TIPS)
TTY #: 1-800-377-4950Fax #: 1-800-223-8164
E-mail: [email protected] Website: http://oig.hhs.gov/fraud/report-fraud/index.asp
23
CMS CPI Identity Remediation Process for Providers
Proactively identify and help victims by:
Responding to the needs of legitimate providers
Helping to absolve related debts, overpayments, and/or tax obligations
Websites: • https://www.cms.gov/Medicare-Medicaid-Coordination/Fraud-
Prevention/MedicaidIntegrityProgram/downloads/cpiinitiatives.pdf
• http://www.cms.gov/Medicare/Provider-Enrollment-and-Certification/MedicareProviderSupEnroll/downloads/ProviderVictimPOCs.pdf
24
9/26/2012
13
HHS-OIG Compliance Guidance
http://oig.hhs.gov/compliance/compliance-guidance/index.asp 25
Questions?
Christi GrimmEmail: [email protected]
Phone: (202) 205-0659
Julie TaitsmanEmail: [email protected]
Phone: (202) 619-3189
OIG Website: http://www.oig.hhs.gov
Twitter: @OIGatHHS
26