Home Health & Hospice Week

Fraud & Abuse:

Reduce Your ID Theft Risk With 7 Steps

Surprise audits can serve as deterrents to theft.

Consider these field-tested tips on closing the gap on security breaches regarding medical identity theft in your organization:

1. Lock out portable devices. For employees that work in your office, "make sure that all personal belongings are not allowed in the work area such as cell phones or USB thumb drives," says Barbara J. Cobuzzi of CRN Healthcare Solutions in Tinton Falls, N.J. "A secure operation will make sure that employees leave all personal belongings outside the work area so that there cannot be a data breach," she warns.

A phone can take a picture of a computer screen and a thumb drive can copy data off a system. So, even in a paperless environment, these electronic devices that are included in the workers' personal belongings need to be considered and barred from the workplace, Cobuzzi adds.

2. Divide up data protection duties. Breaking up authority among many rather than allowing one person to have too much authority will also reduce medical ID theft and any kind of fraud for that matter, suggests information security consultant Ester Horowitz.

3. Hire very carefully. Make sure you hire people who have demonstrated good character, says Horowitz. Background checks are a good way to screen for problems.

4. Screen vendors. Background checks should be made of vendors as well. An inside job sometimes includes more than one person performing the illegal act, warns Horowitz. Passing information to vendors would be an excellent way to conduct the theft. Ensure that there are no personal relationships between vendors and staff, she says.

For example, if a staff member recommends someone she knows to become a vendor, examine the relationship, she recommends. Does the staff member receive a referral fee? Does the staff member have an interpersonal relationship? Many organizations like to work with people they know well because they want to trust them, but it would be prudent to perform background checks even on trusted recommendations to flush out potential conflicts of interests that weren't brought forward in the spirit of transparency, adds Horowitz.

5. Conduct regular system checks. "Adopt an information security management process that involves regular reviews and evaluations to ensure your measures are as effective as they can reasonably be, and fully document your actions, activities, and assessments undertaken in compliance with your policies so you can be ready to deal with any issues or external audits that arise," says Sheldon-Dean.

6. Conduct unannounced audits. To re-duce the incidence of ID theft, a surprise audit of compliance practices is a good tool. Letting staff members know that such audits can occur at any time is a deterrent to committing theft and fraud.

7. Be vigilant about educating staff. Training staff is effective and is also a requirement in the compliance process, says Horowitz. Often, there is not enough education being performed or made easily available.

Other Articles in this issue of

Home Health & Hospice Week

View All