1 / 14

Prevention of Identity Theft

Prevention of Identity Theft. Why now, Why us?. Federal Trade Commission (FTC) regulations for Identity Theft which may not apply, but it is good business to do this anyway. The Massachusetts Data Privacy Regulations become effective January 1, 2010 (TJ Maxx and Martha Coakley)

kobe
Download Presentation

Prevention of Identity Theft

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Prevention of Identity Theft

  2. Why now, Why us? • Federal Trade Commission (FTC) regulations for Identity Theft which may not apply, but it is good business to do this anyway. • The Massachusetts Data Privacy Regulations become effective January 1, 2010 (TJ Maxx and Martha Coakley) • Changes to HIPPA as outlined in the American Recovery Reinvestment Act of 2009 that went effect in February, 2010

  3. Why do we need the regulations? • Data and identity theft is being conducted by organized, motivated, and sophisticated groups that are well compensated for their success.* • The FTC estimates annual losses to business from data and identify theft amount to almost $50 billion.* • Tests done by groups assessing for the security of data are able to access highly sensitive information 90% of the time.* • CCHC data belongs to our neighbors, our families and ourselves! We have seen identity theft at CCHC. *”10 Minutes on Data and identity Theft” Price Waterhouse Coopers 10/08

  4. The New CCHC Policy… • Requires an Annual Report of compliance with the policy from each entity. • Depends on all employees being aware of flags that might signal an Identity Theft and reporting those flags to your supervisor. • Requires all areas who conduct registration / intake to include a copy of a photo ID issued by a government entity. • If no photo ID, ask for two forms of non-photo ID (not a credit card or bank statement)

  5. What are Identity Theft Flags? When you see one of the following examples consider this may be an alert that Identity Theft might be occurring:

  6. Suspicious Documents: • Documents provided for identification that appear to have been altered or forged. • A photograph that does not match the face. • Other information on the identification is not consistent or does not match what we have on file. • Documents that appear to have been altered or forged, or gives the appearance of having been destroyed and reassembled.

  7. Suspicious Personal Identifying Information: • The address does not match an address on any other type of document or the phone is invalid out of service or is a pager/answering service. • The Social Security Number (SSN) has not been issued, or is listed on the Social Security Administration's Death Master File. • There is a lack of correlation between the SSN range and the date of birth. • The address on an application is fictitious, a mail drop, or a prison.

  8. Unusual or Suspicious ActivityRelated to a Covered Account: • Mail sent to the patient is returned repeatedly as undeliverable although transactions continue to be conducted in connection with the patient's covered account. • We are notified that the patient is not receiving paper account statements.

  9. Other Identity Theft Flags: • Alerts, Received fromConsumer Reporting Agencies or providers, such as Fraud Detection Services. • We are notified by a patient, a victim of identity theft, a law enforcement authority, or any other person that we have an account for a person engaged in identity theft.

  10. What do I do if there is no ID? • Providing identification is nota condition for obtaining emergency care. The process of confirming a patient's identity must never delay the provision of an appropriate medical screening examination or necessary stabilizing treatment for emergency medical conditions. • Patients should not be refused care if they do not have acceptable identification. • Ask the patient to bring ID with them the next time they visit.

  11. How do we respond to an Identity Theft Flag? • monitoring an account for evidence of identity theft; • contacting the patient; • changing any passwords, security codes, or other security devices that permit access to an account; • reopening an account with a new account number;

  12. More options: • Not opening an account or closing an existing account; • Not attempting to collect on an account or not assigning an account to a debt collector; • Consulting with the Compliance Officer who may notify law enforcement officials and/or suspected victims; or • determining that no response is warranted under the circumstances presented due to a lack of sufficient facts/proof or otherwise.

  13. What else do I need to know? • If you see anything suspicious please report it to your supervisor right away. • It may not be anything, but you may be the first person to detect a theft and you may be helping a person who has had their identity stolen.

  14. Who is Responsible for Oversight at My Entity ?

More Related