Medical identity theft occurs when somebody uses your information to obtain medical treatment without your knowledge or consent. Unlike traditional identity theft that requires a social security number, this can be  as simple as using your name, date of birth, and address. The dangerous thing about medical identity theft is that a hospital has to take in any emergency patients and often little attention is paid to whether the information they receive about that patient is accurate when it goes to the billing department.

Medical identity theft comes in two stages. The first is the billing stage. The billing department for any hospital, doctors office, pharmacy, or emergency room will use the information they have on the patient to try to bill them or their insurance provider. Once a victim is notified that their information has been used for medical treatment, they must work with the billing department of the hospital as well as any other groups such as Medicare or their insurance provider to prove that they were not the ones who received treatment. This is made easy by sending a copy of a driver’s license for photo comparison to the patient. The one thing about this process is that it can take many months for the different departments and companies to recognize that identity theft has occurred.

The second stage is the medical history stage. Whatever treatment the identity thief acquired under the victim’s information will now be placed on the victim’s medical record. Most hospitals are now electronically networked and a patient’s information can be accessed and updated from any part of the country. A thief can get prescription drugs, treatment for diseases, surgeries, etc. and it would all show up on the victim’s medical record. This can make it hard for a victim to get the prescription drugs they needs, proper diagnosis of illness, or proper treatment in an emergency situation.

If you discover that you may be the victim of medical identity theft, file a police report with your local police department using the information you have gathered on the fraud. Talk to the billing department of the medical facility as well as any insurance or government agencies that may be involved. Write to the hospital/doctor about viewing your medical history using the form LF 130A. And ask any physicians involved to amend your medical records to reflect that you were not the one who was treated.

For more information please see our Fact Sheet FS 130 on Medical Identity Theft.

“Medical Identity Theft: The Basics” was written by Kat Rocha. Kat is a Victim Advisor at the ITRC. We welcome you to post/reprint the above article, as written, giving credit to and linking back to the original post.

Violence at the hands of a domestic partner is often rooted in that partner’s desire to control. This need to control another human being can take the form of physical violence, verbal abuse and in many situations financial control. This is when identity theft comes into the picture in domestic situations.

Often times at the ITRC, we will get phone calls from an individual who has finally made that amazingly brave first step of trying to remove themselves from the situation. Whether they have physically left the shared domicile or are planning their escape, they realize they will need separate financial resources. It is at this time that they realize they have been a victim of identity theft at the hands of the person they once thought loved them.

If you, or someone you know, is in an abusive situation and believes they may also be victim of identity theft we recommend the following steps:

  • Check your (and your children’s) credit reports: You can do this for free online at www.annualcreditreport.com. Look for accounts or inquiries that you did not make. It may be a credit card or something as large as a mortgage or a vehicle. Once you check the report you will know if you are a victim or not and can take action accordingly. You will also want to check your children’s credit reports if you have children. You can easily check your child’s credit report for free at https://www.allclearid.com/child.
  • Place a 90 day fraud alert: You can place a 90 day fraud alert by phone. Even if an abuser has not used identity theft as a tactic in the past, they may use it as a retaliatory effort once the victim begins the process of separating from the abuser. A 90 day fraud alert will keep them from opening any new accounts.
  • File for separation: When an individual is married, the law looks at the two married people as a single legal entity. If you have not filed for separation, the police will look at the situation as a domestic dispute rather than identity theft. In most states you can file for separation on your own.
  • Obtain a restraining order: While we understand this is a terrifying step, for many victims of domestic violence it is necessary. The first step is to obtain a temporary restraining order, or TRO, which you can do yourself at your local courthouse. It is free to do this in California, but you may want to check with your state to see whether there is a filing fee or not. Though the restraining order is just a piece of paper, if your abuser violates the order and tries to contact you, they will be at risk of going to jail. This is often a satisfactory deterrent to an abuser.
  • Call your bank and creditors: Inform these companies that you are in the process of separation. Place a verbal password that your abuser would not know or be able to guess. Request that no changes be made to your accounts without the verbal password. Also request that no information about the account or the account holder be released.

We know that this is an incredibly difficult situation entangled with emotions and fear. If you have any questions or need further guidance, please call the Identity Theft Resource Center at 888.444.5530 and one of our Victim Advisors will be there to help.

If you found this information helpful, you may want to consider taking part in the Identity Theft Resource Center’s Anyone3 fundraising campaign.  For more information or to donate please visit http://www.idtheftcenter.org/itrc-launches-anyone3-campaign.

We are very excited to begin yet another venture in our mission to reach consumers and educate them about identity theft. This Thursday, December 6th ITRC will be hosting our first ever identity theft Twitter chat. It is our hope that this will help people who are concerned about and interested in identity theft connect with one another. Be it an organization working on identity theft issues, victims of the crime, or service providers these conversations have proven to produce wonderful ideas in the past. The ITRC is optimistic the weekly identity theft chat will do just that.

The first identity theft twitter chat will take place on Thursday, December 6th 2012. Those who would like to participate can RSVP via online invitation. The ITRC will be hosting the identity theft twitter chat every week on Thursday at 11:00 am PST.

twitter

Questions will change every week and December 6th 2012 questions are as follows:

Q1: What do you think is the best way to protect against ID Theft?
Q2: Who do you think is the most vulnerable to ID Theft right now?
Q3: Have you ever been a victim of ID Theft? What happened?
Q4: Would you know what to do if you become a victim of ID Theft?

Following each weekly identity theft twitter chat, users will be able to suggest questions for the next week’s event. In order to participate, users should follow the hashtag #IDTheftChat and include it in all of their responses.

The ITRC hopes that everyone with interest in the issue of identity theft is as excited as we are and that this weekly event will help centralize twitter talk regarding identity theft. This weekly event should also help produce great collaborative thought and perhaps even some unique and novel solutions. Other entities which are interested in becoming a guest host for a weekly chat can contact ITRC’s Social Media Manager at nikki@idtheftcenter.org. We hope you will join the conversation and bring your friends!

If you found this information helpful, you may want to consider taking part in the Identity Theft Resource Center’s Anyone3 fundraising campaign.  For more information or to donate please visit http://www.idtheftcenter.org/itrc-launches-anyone3-campaign.

One of the first steps a victim or likely victim of identity theft should look to complete in order to protect their financial well-being is issue either a fraud alert or initiate a credit freeze. At the ITRC call center our advisers regularly receive calls from consumers confused as to what exactly each of these protections do and how they work. In an effort to reduce confusion, what follows is an explanation of what each protection does and doesn’t do, and which one will best fit what type of consumer or victim. For more detailed information, review fact sheet 100 in the document catalogue of the ITRC website at www.idtheftcenter.org.

Fraud Alert – A fraud alert heightens credit issuer’s awareness that they need to authenticate and verify the applicant before issuing credit. Most security conscious banking and financial institutions as well as major credit issuers will take notice of a fraud alert. However, it is not 100% reliable and not always heeded. They don’t affect your credit score but may slightly slow down the application process. When you initially place a fraud alert as a potential victim of identity theft, you will be offered a free credit report as part of your federal rights. This is not the same as the free federal annualcreditreport.com

Security or Credit Freeze – With a freeze; a company may not look at your credit report for the purposes of establishing new lines of credit. Companies you already have an existing relationship with (example: a credit card, loan or utility service) may view your reports but only to review your credit-worthiness. Placing a freeze is a strong step to take and will affect your ability to get instant credit since it can take up to 3 days to thaw a report. However, it also locks out thieves. In those states with freeze laws, most state that victims with a police report get this service for free. Most states also allow the consumer to buy a freeze. You may thaw your freeze anytime you wish to apply for credit but you will need to plan ahead. At the time a freeze is established, the victim or consumer is given a pin number as a way of confirming their identity. Anyone considering a security freeze needs to be very careful not to lose this pin number as it can be extremely difficult to thaw (unfreeze) your credit report without the issued pin number.

The difference between these two options is the level of security. A freeze will place a higher degree of assurance to a victim that new accounts will not be opened, but leaves much less flexibility than a fraud alert. Whichever tool a victim of identity theft chooses, they should continue to be conscientious of what is going on with their credit file and know that the Identity Theft Resource Center is always here to answer questions and assist victims.

If you found this information helpful, you may want to consider taking part in the Identity Theft Resource Center’s Anyone3 fundraising campaign.  For more information or to donate please visit http://www.idtheftcenter.org/itrc-launches-anyone3-campaign.

Major security breaches often occur over the Internet. As hackers learn to break into corporate – and even government – networks, it can seem like the Internet is the only source of identity theft. However, old-fashioned burglaries are still common, and these thieves are now after more than your wallet or jewelry. They want your identity.

Professional burglars can make money by selling passwords, credit cards, billing statements and identification cards. These burglars often have connections with organized criminal enterprises who know how to milk the information for all its worth. A home security system is the best way to deter criminals from breaking into your home, but if they do get inside, your personal information will need to be secure.

  1. A Safe: A common misconception home owners have is that if they own a safe, they are protected. Some safes offer protection against fire or water and are not designed to protect your valuables from theft. Also, some safes are light enough to be carried away. To protect your valuables and sensitive documents and data from burglars, you will need to choose a safe that is very difficult to break into. You also need to opt for the safe that can be bolted to the floor. A thief can violate a safe in two ways: by carrying it out the door or by breaking into it. Make sure you choose a safe that resists both.
  2. A Shredder: A thief doesn’t even have to break into your home to steal your identity. If you leave sensitive information in the trash, a clever burglar will find it. A simple way to protect yourself against identity theft is to shred all financial statements, paystubs and sensitive documents that you no longer use for tax purposes.
  3. The Trio of Computer Protection: Many of us store information in our laptops and computers, and theft or hacking of these items can have drastic consequences. To protect information from being accessed during a burglary, you can equip your computer with a BIOS password. BIOS stands for Basic Input Output System. This password will prohibit a burglar from booting your computer. However, a computer savvy burglar can remove your hard drive and read the information using another device. To protect against this type of information theft, you can encrypt your files. If a burglar wants to physically remove your laptop, you can deter him with an anti-theft PCMCIA card that sounds an alarm and shuts down the computer when removed from a certain perimeter.

A Few More Tips

Never leave sensitive information in plain view, filing cabinets, dresser drawers or obvious places like a purse or coat pocket. Always remember to set your alarm system and lock doors and windows. It is important to remain daily vigilant as burglars are always on the prowl, and be sure to ask a neighbor to check in on your house if you are gone for a long period of time.

Silvia Brooks is a former real estate agent who works with homeowners to find the best security system for their needs. You can read more of Silvia’s advice at homesecurity.org.

FBI’s Law Enforcement Executive Development Association (FBI-LEEDA) has partnered with LifeLock, an industry leader in identity theft protection services, in order to provide cutting edge seminars on identity theft to law enforcement around the nation. These seminars cover current identity theft laws, the various technologies used in identity theft crimes, and proper identity theft awareness and protection strategies. In addition, this program provides access to databases to assist law enforcement in identity theft investigations.

In the last three and a half years, the FBI-LEEDA/LifeLock Identity Theft Summits have reached more than 7,000 law enforcement officials representing more than 2,500 agencies around the United States. The Summits have been hosted by police chiefs, sheriff’s offices, universities and state attorneys general across 32 states. More than 100 Identity Theft Summits have been held so far, with more than 30 taking place in 2012 alone. LifeLock has been recognized for its Corporate Social Responsibility by both the American Business Awards and Communitas Awards for its work with the FBI-LEEDA program.

Based on a recent Javelin study, the FBI-LEEDA program picked a strong company to partner with to educate and assist law enforcement in the field of identity theft. The study, titled 2012 Identity Protection Services Scorecard: How to Deliver Customer and Market Value in a Regulated $4B Market provides insight into the different companies and services available to consumers who want to protect themselves against identity theft. The Javelin report ranked LifeLock number one, tied with the company Intersections, in overall identity theft protection service when compared with 15 other top companies in the industry.

Based on Javelin’s criteria, LifeLock was the only company to receive a 100% score in the category of detecting breaches to your identity due to their multi-faceted approach of triple-bureau credit monitoring, internet scanning, public records scanning, Social Security Number tracing, and offering a child and family option for the consumer. LifeLock was ranked number two in the category of resolving identity breaches for providing consumers with a certified fraud specialist, 24/7 access to LifeLock’s multilingual 24/7 resolution team and a large identity fraud insurance and service guarantee provided by a third-party insurance provider.

FBI-LEEDA/LifeLock Identity Theft Summits for the rest of 2012 will be held in Prescott Valley, Arizona and Baltimore, Maryland.

If you found this information helpful, you may want to consider taking part in the Identity Theft Resource Center’s Anyone3 fundraising campaign.  For more information or to donate please visit http://www.idtheftcenter.org/itrc-launches-anyone3-campaign.

Prescription fraud occurs when an identity thief, using your personal information, has a prescription issued and possibly filled under your name. Prescription fraud is just one consequence of medical identity theft, where a thief obtains enough of your personally identifying information to be able to assume your medical identity. Prescription fraud affects the victim in many ways, including their finances, ability to get necessary health care and possibly their ability to check their own health records.

An identity thief using your identity to be prescribed restricted medications, may also use your health insurance to purchase the medication. This means that you, the victim, will often get left with the bill for any unpaid expenses the identity thief incurs while using your identity and medical insurance.

Prescription

It is important to be alert for any explanation of benefits (EOB) you receive from your health insurance provider or bills for medical services you did not seek or receive. This may be your best warning that an identity thief is abusing your medical identity and insurance.

Unfortunately, there are worse consequences to being a victim of prescription fraud than bearing the brunt of fraudulent medical bills. When an identity thief uses your medical identity to be prescribed medication, this information will be incorporated into your health record. Any subsequent medical personnel looking at your record will see the new prescriptions and make medical decisions based on this fraudulent record. Prescription fraud victims have discovered they were victims of identity theft and prescription fraud after their pharmacy refused to fill their current, valid prescription because it conflicted with another medication prescribed to the identity thief.

Lastly, it can be exceedingly difficult to set your health records straight after an identity thief has received services or prescriptions under your name. Under the Health Insurance Portability and Accountability Act, or HIPAA, strict rules prevent access to patients’ medical records by unauthorized entities or individuals. Sadly, this very same rule prohibits victims of prescription fraud from accessing their personal health records in order to correct it because health care providers fear it may be a violation of the identity thief’s rights to confidentiality of their medical records.

The best defense to prescription fraud or any identity theft is to be keenly aware of your personal information. Any documents that contain personal information such as your birth date, Social Security number, driver’s license number, or insurance plan information, should be stored somewhere safe and secure or shredded when no longer needed. Do not carry your Social Security card, military identification, or Medicare card on your person as they have your Social Security number on them and are extremely helpful in the hands of an identity theft. New military identification cards no longer have Social Security numbers on them, so if you have an old military ID you can always renew your card to reduce your risk of identity theft.

“Prescription Fraud and Identity Theft” was written by Sam Imandoust, Esq. He serves as a legal analyst for the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to the original post.

SC Department of Revenue Reports Record Setting Data Breach

It was admitted publicly by state officials yesterday that the tax and banking information from millions of South Carolinians may have been compromised in a recent exploitation by hackers of the Department of Revenues servers.

What Happened: On October 10, the South Carolina Department of Revenue (DOR) was informed by the South Carolina Division of Information Technology (DSIT) of a potential cyber-attack involving the personal information of South Carolina Tax Payers. On October 12, the state hired an outside IT security firm, Mandiant, which on October 16, determined the intruders accessed state systems in early and mid-September. It wasn’t until eight days later, on October 20, that the suspected security hole was actually closed.

Who It Affects: In the aftermath of this discovery, it was determined that approximately 3.6 million Social Security numbers and 387,000 credit and debit card numbers of South Carolina Tax Payers may have been exposed (The entire population of the State of South Carolina is approximately 4.7 million), making this the largest breach of its kind in state history.

What’s Being Done: “We are taking immediate steps to protect the taxpayers of South Carolina, including providing one year of credit monitoring and identity protection to those affected,” Governor Nikki Haley said in a statement. In an effort to mitigate the potential damage, taxpayers in South Carolina who might have potentially been impacted are being provided one year of credit monitoring. Haley said the state was negotiating to offer protection at about $8 per person, which would cost the state about $29 million if every taxpayer affected registered.

South Carolina Taxpayers that have filed returns in that state since 1998 are encouraged to call the toll-free call center established by the DOR, 866-578-5422.

If you found this information helpful, you may want to consider taking part in the Identity Theft Resource Center’s Anyone3 fundraising campaign.  For more information or to donate please visit http://www.idtheftcenter.org/itrc-launches-anyone3-campaign.

Almost everybody has heard the horror stories and nightmare scenarios of an identity thief gaining your personal information and using it to establish credit card, loans and other lines of credit that you would not have applied for yourself. But what these scenarios rarely talk about are the steps you can take to prevent such an event from occurring, or what to do to clear your name should you find yourself in this situation.

Something that anybody can do, at any time, is to place a free 90-Day Fraud Alert on their credit reports. This requests that credit issuers (credit card companies, cell phones, etc) contact you first before they approve of any applications for credit. This will not affect accounts you have open or your credit score. As well, you can replace the fraud alert every 91 days at no charge, or extend it to seven years with a police report. The fraud alert can be applied for over the phone or going to each credit agency’s website directly. It’s always a good idea to place the fraud alert with all three companies yourself to make sure that possible fraud doesn’t get in the way of your protection.

Once you place the 90-Day Fraud Alert the credit reporting agencies will send to you a letter with instructions on how to gain a free copy of your credit report. This way you can make sure that everything is ok with your credit reports and fraud isn’t taking place. This report does not count towards your annual free credit report, allowing you to save that one for later.

But what should you do if there is something on your credit report? The first step is to file an Identity Theft Report through the Federal Trade Commission.

Once you have filed an Identity Theft Report, contact the companies that are reporting fraudulent accounts. Request to speak to their fraud or identity theft department and inform them of the fraudulent account. Fill out these documents, get them notarized, and send them back to the company/s with a copy of your Identity Theft Report. Some companies will ask for other things like a photocopy of your driver’s license. Make sure you send these documents with your packet. Make sure you send it Certified Mail Return Receipt so that you get proof of when they received your paperwork.

Continue to talk to these companies and, if need be, send them any documents they may request. If all goes well, they will recognize this was identity theft and they won’t hold you responsible. Make sure you get this in writing. Computers can error and humans make mistakes. These letters of clearance come in handy when this happens.

For more long term/permanent options for protection from identity theft (especially after you have already been victimized) look into freezing your credit reports with the three credit reporting agencies. The process is slightly different for each state, but all states offer the freeze for free to victims with a police report.

For more information, check out the ITRC victim assistance page here: http://www.idtheftcenter.org/knowledge-base.


If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App.

I’m an old guy, and have been quite a few places, and done quite a few things. So, not much surprises me anymore. And, along with life’s lessons, I acquired over 25 years of business experience before retiring and ultimately ending up at the Identity Theft Resource Center (ITRC). But one thing that has continued to surprise me for the past 6 years is hearing the details of hundreds of new identity theft cases each and every month. I have found these cases to be constantly changing and evolving, and ranging from simple to very complex. Although I am not a victim advisor, I have been constantly surprised at what ITRC Victim Advisors do each and every work day to help this unending stream of victims.

A victim advisor for the ITRC never knows what the next call will bring. The phone rings according to your position on the phone queue, and now it becomes your call, your turn to listen, assess, question, analyze, discuss, and plan. Hopefully you can make some sense and order out of a victim’s pain and suffering at the hands of an identity thief. The training and preparation to become an identity theft Victim Advisor is by itself daunting. Each person I have seen trained for the job soon shows the signs of “information overload” as they begin to understand the breadth and depth of the information that must be understood and retained in order to appropriately answer that ITRC Call Center phone.

ITRC provides information and help on a wide variety of identity theft cases, scams, and related topics. Identity theft cases can be financial, government related (SSN and DMV), medical, criminal, child related, or Internet/account takeover types of cases. Each of these types of cases will require different actions to correct. In many cases the appropriate response, that will actually do some good, may vary depending upon the laws of the state of residence. And, as if that wasn’t enough, a significant percentage of these callers will have more than one type of identity theft to resolve. In the period January through August 2012, 28% of the victims reported governmental identity theft, usually meaning the illicit use of their SSN in some manner. Approximately 6 out of 10 reported financial identity theft. It is relatively common for a single victim to have financial identity theft at the same time they are a victim of governmental identity theft. Since there are many “sub-types” to each of these major categories, the Victim Advisor has the task of sorting out all the facets of these cases, and determining the appropriate course of action for each.

In addition, victims of identity theft are often very emotional and upset with this unexpected and serious invasion of their privacy. Some need to vent, and most have also been frustrated with endless phone trees, conflicting website information, and probably have found little coherent help with their specific problem. The Victim Advisors deal with a wide variety of personalities, including a few that simply don’t want to help themselves, and expect “someone else” to fix the problems. It is a saving grace that for most of the victims who contact the ITRC this will be their first time to speak with a live person, who is interested in their specific case, and has the knowledge to provide a good roadmap of actions to begin mitigating the problems.

So, I continue to be impressed by what the ITRC Victim Advisors do, and how they do it. In the field of identity theft, they are “in training” every day as exploits used by the criminals are constantly evolving. And it is always a great payback when a victim calls or emails, thanking our advisors for what they do.

If you found this information helpful, you may want to consider taking part in the Identity Theft Resource Center’s Anyone3 fundraising campaign.  For more information or to donate please visit http://www.idtheftcenter.org/itrc-launches-anyone3-campaign.