"Medical identity theft" -- theft of your unique identifiers to perpetrate Medicare or insurance fraud -- may be on the rise, according to the Federal Trade Commission. There were 12,000 cases of medical identity theft reported by patients or doctors between 2007-2009. A JAMA article by Shantanu Agrawal and Peter Budetti describes one hapless victim's harrowing experience:
A fraudulent clinical practice had enrolled in Medicare using her name without her knowledge. Another physician had retired from clinical practice but decided to work part-time. Nearly 2 years after sending out job applications, he was asked by Medicare to return more than $350 000 in overpayments made to a practice he had interviewed with but never joined. The Department of Treasury began to garnish his Social Security payments for unpaid debts.
He got his identity and her money back, but at what ungodly price of hassle and stress?
Their counsel is mostly just good common sense: You should share your unique identifiers like your Medicare number, DEA number, etc., with as few trusted people as possible. They say to protect your NPI number as well, which I find kind of funny since it's publicly available on the Internet to anyone who knows your name and practice location.
One helpful heads-up they gave that made me chuckle was that "The primary risk factor for medical identity theft is complicity in fraud schemes." Wait, so you're saying I shouldn't engage in Medicare fraud? Hold on -- I need to grab a pencil. OK, tell me again? Don't ... participate ... in ... fraud schemes. Got it: check. (Something tells me that people engaging in Medicare fraud schemes don't read JAMA, but you never know.)
Agrawal S, Budetti P. Physician Medical Identity Theft. JAMA 2012;307:459-460.