Recently you may have noticed that we are asking for more proof of who you say you are. And
while I know that much of our intake process seems superfluous (and perhaps some is) we physicians have been caught up in
yet another governmental bureaucratic process that didn't intentionally include us. You know how that works if you have
ever dealt with a bureaucratic governmental (isn't that a duplication of terms?) issue.
everyone at this point has heard of, and lived in fear of, identity theft. This is where the Red Flag Rule is important,
because if someone steals your identity they can also use your insurance plan and benefits. And this is how we - in
the medical field - get pulled into this ruling. Because we are considered creditors
we have been included in this federal rule. As such, we are required to establish formal identity theft prevention programs
to protect consumers. And although this program was primarily directed at the financial sector (by theFTC - Federal
Trade Commission), physicians got caught up in it because of the "creditor" clause.
have ever been denied coverage due to factors such as "pre-existing conditions" then you will understand that if
someone uses your insurance identity and has medical problems, this can be a road block to you later. Much like having
to regain your identity from a financial standpoint you may have (read WILL HAVE) to prove that you did not have the problems
that insurance companies are trying to use to keep from covering you. Of course, if we do indeed get some form of universal
medical coverage, pre-existing clauses will go away. But I digress. Potentially there could be a case where a
patient is denied future benefits based on false information in their file that actually belongs to the perpetrator of the
So where did this start, you ask. The Fair and Accurate Credit Transactions (FACT)
Act of 2003 included an "Identity Theft Red Flags Rule" which required creditors
to establish a program to prevent identity theft. Physicians/medical entities were dragged into this by being considered
"a creditor". This is defined by law as "any
entity that regularly extends, renews, continues credit or arranges for the extension of credit". Since
we doctors let people owe us money, we therefore are considered creditors, and thus the long arm of the law has _____ (you
fill in the blank). We have the Federal Trade Commission (FTC) to thank for this. And we must develop a program
to accomplish 4 tasks:
1. Identity relevent red flags
2. Detect red flags
3. Prevent and mitigate identity theft
4. Update the prevention program regularly
THANKS GOV, I NEEDED SOMETHING MORE TO DO
So what is a red flag? Quite possibly anything, if you ask me: bascially any sign that your credentials are not valid
or a sign that someone else is posing as you. These include the usual and customary things like alerts or warning from
any agency, particularly agencies that handle our accounts (i.e. billing companies), and any "suspicious-looking"
document or activity. We have to develop a policy/program to deal with this issue. Anyone who works for a company
knows about policies and procedures, rules and regs. This also means we add
a statement to our HIPAA document; yes, we know it's long and cumbersome already.
So what does this
mean for you, our patient, when you come to our office? It means that we ask for more documentation of who you say you
are. We ask for more documents to corroborate the first set of documents you gave us. While it is annoying for
you (particularly those of us who dislike Big Brother application) it is important protection for you and now a legal requirement.
So we will be asking for the following from you - our patient:
1. Proof of identity
2. A photo ID
3. More than one document of identity
4. The usual insurance information
5. We will be matching information
you give to that already on file to ensure it matches
6. Your social security number;
I feel your pain here as I hate to give mine to anyone too
7. If you receive a bill or
EOB that you don't think is yours, contact us
8. If you call us requesting information
about yourself or a loved one,
we will be requiring
proof of your identity before providing that information.
We already do this because of HIPAA.
So, not only is Big Brother watching you and knows more about
you than you wanted known, he is also demanding that you verify who you are.