Skip to content Skip to navigation

Senators Probe HHS About Efforts to Mitigate Medical Identity Theft

November 12, 2015
by Heather Landi
| Reprints

Citing the growing number of data breaches at healthcare organizations, four U.S. Senators are asking the Department of Health and Human Services (HHS) what the agency is doing to mitigate medical identity theft.

The letter, which is addressed to Andy Slavitt, acting administrator for Centers for Medicare and Medicaid Services (CMS) and Jocelyn Samuels, director of the Office of Civil Rights, both within HHS, calls attention to major recent cyberattacks such as Anthem, Premera Blue Cross, CareFirst BlueCross BlueShield, Excellus BlueCross BlueShield and UCLA Health System, which affected up to 105 million people. In the letter, the Senators state that sizeable and damaging breaches continue as a result of traditional threats, including unauthorized access and disclosure and loss or theft of laptops.

The authors of the letter are Lamar Alexander, chairman on the Senate Committee on Health, Education, Labor and Pensions, Orrin Hatch, chairman on the Senate Committee on Finance, Patty Murray, ranking member of the Senate Committee on Health, Education, Labor and Pensions and Ron Wyen, ranking member, Senate Committee on Finance.

“Medical identity theft is a unique crime with consequences for victims that stretch beyond those associated with financial identity theft. To help assess the adequacy of current efforts to mitigate medical identity theft and the resources currently being offered to victims, we respectfully request that you answer the following questions by November 24, 2015,” the letter states.

In the letter, the Senators question what services CMS offers to Medicare and Medicaid beneficiaries who suspect they are victims of medical identity theft and how long individuals who report identity theft to CMS have to wait for a response as well as how OMR and CMR tracks reported cases of medical identity theft and how recent breaches at healthcare organizations effect the Medicare and Medicaid programs.

Data security is a growing concern with the public and healthcare providers. According to an Accenture report, healthcare providers stand to lose $305 billion in patient revenue over the next five years due to the impact of cybersecurity attacks.



CMS Hospital Compare Website Updated with VA Data

The Centers for Medicare & Medicaid Services (CMS) has announced the inclusion of Veterans Administration (VA) hospital performance data as part of the federal agency’s Hospital Compare website.

CMS Awards Funding to Special Innovation Projects

The Centers for Medicare & Medicaid Services (CMS) has awarded 20, two-year Special Innovation Projects (SIPs) aimed at local efforts to deliver better care at lower cost.

Center of Excellence in Genomic Science to be Established in Chicago

The National Human Genome Research Institute has awarded $10.6 million over five years for the establishment of a new research center in Chicago to advance genomic science.

EHNAC and HITRUST Combine HIPAA Security Criteria, CSF Framework

The Electronic Healthcare Network Accreditation Commission (EHNAC) and the Health Information Trust Alliance (HITRUST) announced plans to streamline their accreditation and certification programs.

Halamka on MACRA Final Rule: “CMS is Listening and I Thank Them”

Health IT notable expert John Halamka, M.D., CIO of Beth Israel Deaconess Medical Center in Boston, recently weighed in on the Medicare Access and CHIP Reauthorization Act (MACRA) final rule.

Texas Patient Care Clinic Hit with Ransomware Attack

Grand Prairie, Texas-based Rainbow Children's Clinic was the victim of a ransomware attack on its IT systems in August, affecting more than 33,000 patients, according to multiple news media reports this week.