Sunil Bhargava: The White House is kicking up the volume on health care reform and several plans are under consideration. While the overriding goal of healthcare reform is to ensure the right to healthcare for a larger segment of the US population, it will require a close look at taking the cost out of healthcare by providing streamlined, secure management of health information. Everyone knows that the collection of and access to patient information represents a major portion of the cost of healthcare. Overall, the prevalence of legacy systems, processes requiring redundant data collection and incompatible data bases create lots of cost in delivering patient care. The In the following post, guest author, Warren Axelrod, suggests that forethought can minimize the exposure to unavoidable costs resulting from medical ID theft.
Warren Axelrod: In an article by Walecia Konrad, (6/13/09 New York Times, “A New Ailment: Medical ID Theft: Treatment at Your Expense, Or at Least Your Insurer’s”) I read that medical ID theft is on the rise. Medical ID theft is when someone hijacks your health card account and charges all manner of services without your knowledge. Usually you only become aware of it when a red flag is raised, in the form of you exceeding your limit or you being notified of charges that you did not make. So how is credit card account ID theft and medical account ID theft different?
For one, if “Joe” (the thief) steals your medical ID and charges various services to your account, the information relating to Joe’s medical condition is protected personal information under HIPAA (Health Insurance Portability and Accountability Act). The implications are somewhat ridiculous but are surely unintended consequences of HIPAA. The article states that if and when your medical information is intermingled with Joe’s, you may have trouble accessing your files since HIPAA apparently requires that Joe’s medical information, which may be intertwined amongst your records, must be kept confidential. The article goes on to state that the discovery of “erroneous information in … medical files … may pose a bigger danger than the financial risks.” These risks include the possibility that a doctor will make an incorrect diagnosis or prescribe the wrong treatment because he/she is distracted by Joe’s information in your file.
As President Obama pushes for the massive automation of medical records, we must take into account the risks that medical account hijacking imposes. As more information is converted to electronic form, the security of those records becomes increasingly at risk. Yes, automation will likely yield greater efficiencies and lower direct costs. However, the cost of ID theft and its consequences to the health and financial wellbeing of the patient must be taken into account. While there is money to be saved by automating health records there is money to be spent building the requisite levels of security. Measuring the indirect costs resulting from misdiagnosis and rectifying damaged credit ratings are less easily measured than direct out-of-pocket costs, and therefore much more likely to be ignored. Positive results from reform could likely be diminished by the impact of lax security.
Pam Dixon, executive director of the World Privacy Forum, is quoted as saying, “Without aggressive safeguards, we could be building an infrastructure for massive medical fraud.” Agreed. So the mission is clear: design and implement the requisite security measures before the system is developed; rather than afterwards when the costs will be orders of magnitude greater.
Want to know more about securing patient information? Go to www.intellitactics.com to learn about HIPAA compliance.
Comments