recommended reading

Health IT office awards contract to fight medical identity theft

The federal office overseeing the development of a national system of electronic medical records awarded a $450,000 contract on Wednesday to Booz Allen Hamilton to evaluate the scope of medical identity theft in the United States.

Comment on this article in The Forum."The prevention and detection of medical identify theft along with actions to address problems that may occur as a result of medical identity theft are necessary steps to build consumer trust in electronic health information exchange," said Robert Kolodner, national coordinator for health information technology at the Health and Human Services Department.

Officials with the national coordinator's office, which is spearheading the effort to provide most Americans with electronic health records by 2014, said Booz Allen will examine how information technology can be used to detect and prevent medical identity theft.

Medical identity theft is the act of stealing patients' electronic health records with the intent of committing crimes, such as blackmailing individuals who have been diagnosed as being HIV-positive or using the stolen medical records to set up fake medical clinics to file false claims. Last year, five people pleaded guilty to operating such a clinic to defraud Medicare.

The problem is widespread, according to the World Privacy Forum, which has studied the issue. Between 250,000 and 1 million Americans annually have their medical identities stolen, with potentially deadly consequences, according to the group's 2006 report. In one example cited, a Florida woman found that "an imposter had caused false entries [to be recorded] on her file, including changes to her blood type."

Last month Finjan Software Inc. reported that its Malicious Code Research Center discovered sensitive health information on U.S. patients stored on a Malaysian computer server, which was controlled by cyber criminals. Pam Dixon, executive director of the World Privacy Forum, said the Finjan report was an indication that medical identity theft has been adopted by "some nasty overseas crime rings," which elevated the consequences of medical identity theft to more dangerous levels.

She said the crime rings could hold the stolen medical identities for a year or two and then set up a fake clinic in the United States to start billing for procedures that run from $1,000 to $250,000 each for multiple patients.

Booz Allen, in the first phase of work on the contract, will assess the scope of medical identity theft, the result of which will serve as the baseline for developing prevention, detection and remediation strategies, according to the Office of the National Coordinator for Health Information Technology.

A one-day town hall meeting will be held in October in the Washington area, for the second phase of the project, and will be open to the public. The third phase will feature a final report and roadmap, summarizing key issues and possible next steps.

Dixon said she is heartened that Kolodner has decided to focus on medical identity theft, but she viewed the contract as late in the process to develop a national electronic health record system. She previously said as much when she testified in 2005 to Congress about medical identity theft one year after President Bush kicked off the national electronic health record project.

In addition, Dixon said electronic health records make it easier to steal medical identities and deterrents need to be built into the architecture of the National Health Information Network championed by Kolodner's office. The office also should develop ways to aid victims of medical identity theft, she said.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.


When you download a report, your information may be shared with the underwriters of that document.