There’s a new commercially developed product that may help consumers detect medical ID theft or fraudulent use of their information promptly so it can be addressed. Given how research has shown that most people do not check their Explanation of Benefits statements and don’t report discrepancies or anomalies when they do find them, this has the potential to be a great tool for consumers. From their press release, with additional comments/notes by me:
MIDAS™—Medical Identity Alert System — the latest software solution from ID Experts, was announced today, for health plans to engage consumers (health plan members) to monitor their healthcare transactions and take control of their medical identities. MIDAS was developed to lower healthcare costs through early detection and prevention of healthcare fraud by using mobile alerts, similar to proven approaches utilized by the financial services industry.
MIDAS Helps Health Plans Engage Members in the Healthcare Process; MIDAS is Safe, Secure, and Easy to Use
MIDAS uses real-time text messages and emails to alert members when a healthcare transaction is submitted to their health plan. The alert leads the member to a secure site that displays summary information in plain language. The member can either validate the transaction or mark it as “suspicious.” If suspicious, a notification is sent for prompt follow-up by the MIDAS resolution experts. If fraud or medical identity theft has indeed occurred, MIDAS deploys proven resolution processes to diagnose the problem, address the issue, and mitigate any harm.
In response to a question from PHIprivacy.net about the security level of communications, a MIDAS spokesperson informs PHIprivacy.net that MIDAS uses AES 256-bit encryption for transmitting data to users. When asked what gets stored on MIDAS’s servers, the spokesperon responded:
The only member responses entered into MIDAS and stored in the MIDAS database are status indicators for each detail claim line, and notes that the member can enter for their own future reference. The status options are “valid,” “needs research,” and “suspicious.” This information will be retained in MIDAS as long as the member remains active. Once the membership becomes inactive, this data is purged according to data retention policy.
PHIprivacy.net also asked for more information about how the MIDAS team helps consumers if the patient flags a transaction suspicious:
The MIDAS team takes action with multiple steps. Once a patient flags an item as suspicious, the MIDAS intake team reaches out to the patient to discuss the matter and to eliminate other possibilities. Once it is determined that the item is questionable (for example, the patient hasn’t visited the provider listed or x-rays were not taken), then it goes to ACFE-certified Special Investigations Unit where it is handled. Depending on the situation, the payer or law enforcement would be included. If it turns out to be medical identity theft, the resolution could include fraud alerts, potential freezes, and yes, the MIDAS team would get it removed from the patient’s records.
Well, that sounds helpful! I asked one last question for now: “With whom may MIDAS share patient information? Is there any party other than the payor/insurer who gets access to any of the patients’ info? If so, who, or what kinds of entities?”
Their response:
No MIDAS patient information is shared.
And that was the right answer.
Right now, only consumers whose health plans sign up with MIDAS can take advantage of this service. You might want to ask your insurer whether they offer this service.
More information about MIDAS can be found here: www2.idexpertscorp.com/MIDAS.