IdentityForce LogoIdentityForce Logo
Protect What Matters Most.
Medical Theft
Posted on May 18, 2019 by in ID Protection Tips & Awareness, Personal

Think You Are a Victim of Medical Identity Theft? Watch Out for these Red Flags

  • A bill for medical care, services, or equipment you didn’t receive
  • A call from a collection agency about a medical bill you don’t owe
  • Past due or collection accounts on your credit report that you don’t recognize
  • A letter from your health plan saying that you reached or exceeded your benefit limit
  • A denial of insurance because your medical records show a condition you don’t have
  • Suspicious charges on a bill that indicate you have been charged twice for the same service or billed by a doctor or hospital you’ve never visited or for a procedure you haven’t undergone

What to Do If You Are a Victim of Medical Identity Theft

Here are steps you can take to mitigate the potential fallout.


Get a copy of your medical records from your health insurance companyReport any discrepancies to your insurance provider and work together to resolve the problem. If you find your medical identity has been stolen, you’ll want to cancel your health insurance ID number and have a new one assigned to you. If the policy is through your employer, alert Human Resources or the person who handles health insurance coverage at your company. While this process sounds a lot like credit card fraud, unfortunately there are no similar liability limits for healthcare coverage.
Contact each healthcare provider–including doctors, clinics, hospitals, pharmacies, and laboratories–and ask for copies of your medical records

The FTC offers a checklist of steps that victims of medical identity theft should take, starting with informing yourself of your state’s health privacy laws that can make it easier to get copies of your medical records.*

*FTC Checklist, “How to Correct Errors in Your Medical Records.”

Check your Medicare Summary Notices and Explanation of Benefits (EOB) statement that your health plan sends after treatment
Check the name of the provider, the date of service, and the service provided. Do the claims paid match the care you received? If you see a mistake, contact your health insurance and healthcare provider immediately to report the problem. Although they are almost impossible to decipher, carefully review the Explanation of Benefits that you get from your health insurer to make sure that all charges were incurred by you. If you see treatments you never received, immediately notify your health insurance company and medical providers. Correcting records can be hard. In general, federal law lets patients correct medical records created only by the medical provider or insurer that now maintains your information. A hospital or insurer that later receives your information doesn’t have to correct its records–even when they’re wrong. But you do have the right to have your records state that you disagree with the information and why. Be sure your complaint is entered into your records and request copies for your records.
Check your credit reports
Review your credit reports with the three major credit agencies to see if anyone has rung up unpaid medical bills in your name. Place a fraud alert and credit freeze on your credit reports if you’ve been scammed. A fraud alert means the bank or other creditor will contact you to confirm your identity when anyone applies for credit in your name. A credit freeze means someone can access your report only with a unique personal identification number provided by you. Be sure to ask each of your medical and health insurance providers for a copy of the “accounting of disclosures.” This is a record of who got copies of your medical records. The HIPAA Privacy Rule gives people the right to request copies of their records maintained by covered health plans and medical providers. The accounting includes details about what medical information the provider sent, when it sent the information, who got the information, and why the information was sent. The accounting should show who has received copies of your records that include errors and who you need to contact. It may not have details about some routine disclosure of your information, like those from your doctor’s office to another doctor’s office, or disclosure of payment information to an insurer.

Ask for corrections if you find errors
Write to your health plan and medical providers and explain which information is not accurate. Send copies of the documents that support your position, and be sure to include a copy of your medical record and circle the disputed items. Ask the provider to correct or delete each error. Keep the original documents. Send your letter by certified mail and ask for a return receipt so you have a record of what the plan or provider received. Keep copies of your letters. The health plan or medical provider that made the mistakes in your files must change the information. It should also inform labs, other healthcare providers, and anyone else that might have gotten wrong information. If a health plan or medical provider won’t make the changes you request, ask it to include a statement of your dispute in your record.
File a police report or Identity Theft Report and send it to your health insurance company, medical providers, and all credit bureaus

Filing a police report will notify law enforcement that a crime may have been committed.


 Consider placing a fraud alert or security freeze on your credit files
Gain additional control over access to your credit. Placing a freeze on your credit report will prevent lenders and others from accessing your credit report in response to a new credit application.
 Notify the government and file a complaint with the Federal Trade Commission
Approximately 21% of victims don’t realize their identity has been compromised until more than two years after it’s happened. This gives thieves plenty of time to seek multiple treatments under their victim’s name.