DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Medicare/Medicaid fraud can put you at risk – protect yourselves.

Posted on February 13, 2015 by Dissent

When health insurance information is involved in a breach, patients need to be vigilant to protect themselves from medical identity theft. But even if you have not been notified of a breach, you should always be on the lookout for medical ID theft, as there are other breaches that generally don’t get a lot of media attention that pose a risk of harm to patients via contamination of the patient’s records.

Here’s a recent case out of Florida, as described the U.S. Attorney’s Office for the Southern District of Florida:

According to allegations in an indictment, Isaac Kojo Anakwah Thompson, M.D., 55, operated Isaac K. A. Thompson, M.D., P.A. in Delray Beach, and IM Medical P.A. in Boynton Beach, Florida. These clinics were Primary Care Physicians (PCP) in Humana’s HMO network. Therefore, a beneficiary enrolled in a Humana health maintenance organization (HMO) Medicare Advantage plan could choose Thompson’s clinics as the beneficiary’s PCP. Humana paid each clinic approximately 80% of the capitated fee associated with each beneficiary who had selected the clinic as his or her PCP.

Thompson defrauded Medicare by submitting fraudulent diagnoses to Humana for Medicare Advantage beneficiaries. Humana reported the diagnoses to Medicare, and Medicare in turn increased the capitation payments associated with many of the beneficiaries.

An indictment is only an accusation and a defendant is presumed innocent unless and until proven guilty, of course. Here’s another case of fraud reported this week by the U.S. Attorney’s Office for the District of New Jersey:

A licensed pediatrician practicing in Jersey City, New Jersey, today admitted fraudulently billing Medicaid for more than 1,000 wound repair procedures that were never performed.

Badawy M. Badawy, 52, of Bayonne, New Jersey, pleaded guilty to Count One of an indictment charging him with health care fraud.

According to documents filed in the case and statements made in court:

Badawy owned and operated Sinai Medical Center of Jersey City LLC, a medical practice focusing on pediatric and family medicine. From January 2004 through December 2008, Badawy submitted thousands of claims to Medicaid for wound repair procedures related to the repair of superficial wounds over 30 centimeters in length on a patient’s face, ears, eyelids, nose or lips as well as the repair of previously closed wounds. Badawy claimed to have performed these treatments on his patients, most of whom were children.

In both those cases, the physicians used their patients’ information to perpetrate fraud. In other Medicare/Medicaid fraud schemes, the fraudsters may use the identity and insurance information of individuals who were never even patients.

So what happens to patients who have had false diagnoses or false treatments inserted into their Medicare or Medicaid records? Can the false diagnoses or treatment codes come back to harm them in any way? According to the Centers for Medicare & Medicaid Services (CMS), who provided PHIprivacy.net with a statement:

All kinds of over-utilization, including fraud, can potentially inflict real harm to patients. When providers over diagnose or falsely diagnose conditions, the beneficiary may later have difficulty accessing needed and legitimate care.

There are at least two take-home messages here, I think:

1. You should always check your Explanation of Benefits statements and bills carefully so that if there’s erroneous or fraudulent information attached to your records, you can report it and get it corrected.

2. Researchers on data breaches need to pay much more attention to Medicaid and Medicare fraud investigations, as each investigation may involve the compromise or misuse of numerous individuals’ information. I have tried to post a number of these cases on this site, but there are many more that don’t get posted (and probably should, except that I am only one person and this site is a volunteer effort). Some fraud cases involve the voluntary cooperation of the patients, but many don’t, and those cases should be included in our compilations and analyses of breaches involving personal information.

Category: Uncategorized

Post navigation

← U.S. states say Anthem too slow to inform customers about breach
Wyoming House committee approves data definition, breach notification bills →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Ph: Coop Hospital confirms probe into reported cyberattack
  • Slapped wrists for Financial Conduct Authority staff who emailed work data home
  • School Districts Unaware BoardDocs Software Published Their Private Files
  • A guilty plea in the PowerSchool case still leaves unanswered questions
  • Brussels Parliament hit by cyber-attack
  • Sweden under cyberattack: Prime minister sounds the alarm
  • Former CIA Analyst Sentenced to Over Three Years in Prison for Unlawfully Transmitting Top Secret National Defense Information
  • FIN6 cybercriminals pose as job seekers on LinkedIn to hack recruiters
  • Dutch police identify users on Cracked.io
  • Help, please: Seeking copies of the PowerSchool ransom email(s)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • 23andMe Privacy Ombudsman Urges User Consent Pre-Data Sale
  • The Meta AI app is a privacy disaster – TechCrunch
  • Apple fixes new iPhone zero-day bug used in Paragon spyware hacks
  • Norwegian Data Protection Authority’s findings on tracking pixels: 6 cases
  • Multiple States Enact Genetic Privacy Legislation in a Busy Start to 2025
  • Rules Proposed Under New Jersey Data Privacy Act
  • Using facial recognition? Three recent articles of interest.

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.