POLICIES  PROCEDURES 2009 RED FLAG ALERTS

POLICIES PROCEDURES 2009 RED FLAG ALERTS PowerPoint PPT Presentation


  • 95 Views
  • Uploaded on
  • Presentation posted in: General

Download Presentation

POLICIES PROCEDURES 2009 RED FLAG ALERTS

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


1. POLICIES & PROCEDURES 2009 RED FLAG ALERTS

2. Part I: Definition Identity Theft is a fraud committed or attempted by using identifying information of another person without authority

4. Purpose of Policy To detect, prevent, and mitigate identity theft and enable practice plans to: Identify relevant patterns, practices, and specific forms of activity that are ďred flagsĒ signaling possible identity theft and incorporate those red flags into our procedures Incorporate controls that detect red flags into our procedures Respond appropriately to any detected red flags Ensure periodic updates to Practice Plan processes to reflect changes in risks associated with identity theft

5. Part II: Patient Verification at Registration/Check In Verify patient identity at the time of registration or check in Request documentation of patientís identity, address, and insurance coverage

6. Procedures When a patient calls to schedule or confirm an appointment, request that he/she bring: Driverís license or other government issued photo ID Current insurance card

7. NOTE: Be sure to tell patient that if their photo ID does not show current residential address or lists a P.O. Box, they should also bring a recent utility bill showing current residential address

8. If patient is a minor, patientís parent or guardian should bring ID information Patient will be asked to produce information when he/she arrives for appointment (Note: May be waived if patient was seen in last 6 months) If patient hasnít completed a registration form within last 6 months, a new registration form must be completed at check-in

9. Part III: Recognize Identity Theft Red Flags Detect attempts at patient identity theft or fraud in and around the practice, and immediately report incident to the Practice Plan Administrator or his/her designee

10. Be alert for the possibility of patient identity theft Anyone who suspects identity theft should immediately report it to Practice Plan Administrator or his/her designee Witness must complete an identity theft investigation report

11. Administrator will review completed investigation report If determined appropriate, Administrator will present report no later than the next board meeting to determine necessary follow-up with involved party/parties

12. Registration/Check-in Be vigilant in recognizing possible identity theft: Patient submits driverís license, insurance card or other identifying info that appears altered or forged Photograph on driverís license or photo ID doesnít resemble the patient

13. Information on one form of patientís ID is inconsistent with information on another form of ID (address on check presented for copayment doesnít match address on driverís license Information on patientís ID is inconsistent with information already in Practice Plan records

14. Patientís Social Security Number (SSN) has not been issued, is listed on Social Security Administrationís Death Master File, or is otherwise invalid NOTE: The following SSNs are always invalid: First three digits are in 800, 900 or 000 range First three digits are in a range from 772-799 First three digits are 666 Fourth and fifth digits are 00 Last four digits are 0000

15. Address given by patient doesnít exist or is a post office box Phone number given by patient is invalid or is associated with a pager or answering service Patient fails to provide identifying info or documents

16. Personal identifying info given by patient is inconsistent with info in Practice Plan records Patientís signature doesnít match signature on file in Practice Plan records SSN or other identifying info provided by patient is identical to other identifying info in Practice Plan records of other patients

17. Treatment/Examining Room Be vigilant in recognizing possible identity theft: Patientís age or physical description does not match what is recorded in medical record Records indicate medical treatment inconsistent with physical exam or medical history reported by patient Patient indicates documented patient history in medical record isnít correct

18. Patient Billing Be vigilant in recognizing possible identity theft: Patient or insurance company reports coverage for legitimate service is denied due to depleted benefits or lifetime cap reached Patient notified office of address change but address presented by patient doesnít match that address or address recorded at previous visit

19. Mail sent to patient still active in practice is repeatedly returned as undeliverable Patient disputes bill, claiming to be a victim of identity theft Patient receives a bill or receipt for services provided to another individual Patient receives a bill, explanation of benefits, or collection notice for health services never received, or from an unfamiliar provider

20. Part IV: Respond to Red Flags Take action in the event that any of the red flag scenarios listed in Part III occurs

21. Notify patient in question to see if any discrepancy can be explained or clarified If the matter is not a misunderstanding or administrative error, notify practice plan administrator and physician Victim may be asked to submit one of the following documents: ID Theft Affidavit developed by the FTC, with supporting documentation ID theft Affidavit recognized under state law

22. A written statement that includes the following documentation: Statement that patient is victim of identity theft Photocopy of patientís driverís license or government-issued photo ID card Any other identification document supporting statement of identity theft Specific facts supporting identity theft claim, if available Any other explanation that patient did not incur the debt Any available correspondence disputing the debt Documentation of patientís residence at date of service (eg.: utility bills, tax statements) Telephone number for contacting patient Any info patient may have regarding person who registered in his/her name Statement that patient didnít authorize use of his/her name or personal info Statement certifying that representations are true, correct and contain no material omissions of fact to the best knowledge and belief of person submitting certification

23. Notify any patient who appears to be a victim of identity theft via mail or properly documented phone call Retain any documentation of communication in office records Advise patient to contact law enforcement and consider having fraud alert place on his/her credit file

24. Notify law enforcement as deemed necessary by Practice Plan management, even when perpetrator is one of Practice Planís own staff or physician Suspend any collection attempts on the account until a determination is made as to whether the person receiving treatment is person being billed

25. If it appears that the patient has been a victim of identity theft following investigation, Practice Plan will take following steps: Cease collection on open accounts that resulted from identity theft If accounts had been referred to collection agencies or attorneys, instruct them to cease collection activity Cooperate with any related law enforcement investigation Notify any insurance company, government program or other payer who has made a payment on the account and refund the amount paid If an adverse report had been made to a consumer reporting agency, notify agency that account was not responsibility of patient

26. If it doesnít appear that patient has been a victim of identity theft following an investigation, Practice Plan or collection agency will give written notice to patient that he/she is responsible for payment of bill Notice will state basis for determination that person claiming to be victim is in fact the patient

27. Part V: Training & Updates These policies and procedures will be adopted by the Practice Plan Board of Directors and will be reviewed and updated on an ongoing basis. Staff training will include: New employee orientation Ongoing staff training as requested by management and staff Training in response to any red flag occurrence involving the Practice Plan Training in coordination with ongoing HIPAA-related education

28. Post-Test Instructions To receive 1 hour credit toward required bi-annual compliance training hours, complete the associated test and send to Bev Welshans (contact info on next slide) You must have at least 16 correct answers out of 20 (80%) to receive credit

29. Contacts for Questions Brigid Maloney, General Counsel UB Downtown Gateway Building 77 Goodell Street, Buffalo, New York 14203 (716) 888-4705 [email protected] Bev Welshans, Compliance Coordinator UB Downtown Gateway Building 77 Goodell Street, Buffalo, New York 14203 (716) 888-4702 [email protected]

  • Login