IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Pennsylvania Hospital Unveils New Identification Technology

As the rate of medical identity theft continues to increase, Wayne Memorial Hospital is installing new biometric technology, which officials say adds another layer of security to the patient identification process.

(TNS) -- Tom Hoffman slid his right index finger above the scanner, waiting for the red light to flash and a green check mark to appear on a nearby computer monitor.

Within seconds, the scanner — found at a patient registration point at Wayne Memorial Hospital — read the ridges and bifurcations on his fingertip and used the data to create a code that verified his identity and linked to his electronic medical record.

“The main reason we are doing this is to positively identify the patients so we can reduce the chances of medical fraud and identity theft,” said Mr. Hoffman, manager of information services at the hospital.

As the rate of medical identity theft continues to increase nationwide, Wayne Memorial Hospital is installing new biometric technology called SafeChx, which officials say adds another layer of security to the patient identification process.

Starting Monday, the technology will be available at all hospital registration points, allowing patients the option to scan their fingers and create their own unique code in addition to showing photo identification and providing their date of birth and Social Security number.

Wayne Memorial joins a list of more than 60 hospitals nationwide to install the system, which is manufactured by CrossChx. Once a patient registers, their code — not fingerprint — is stored on a CrossChx database.

When patients scan their finger at future visits, their personal information, such as name and date of birth, will appear on the computer screen. The employee at the registration desk will then ask the patient for his or her personal information to see if it matches.

“I don’t think (medical identity fraud) is a huge issue here in rural Pennsylvania, but we think it’s a great opportunity to reduce the potential for medical errors and the risk of identity fraud,” said chief executive officer David Hoff. “It just adds another layer to the identification process.”

Medical identity theft affects about 1.84 million people nationwide, with victims paying more than $12 billion in out-of-pocket costs, a 2013 survey conducted by the Ponemon Institute, a privacy and information management research firm. It occurs when someone uses an individual’s name and personal identity to fraudulently receive medical services, goods or prescription drugs, and includes attempts to commit fraudulent billing.

Compared to some other types of identity theft, medical identity theft is a lucrative business, experts said. While a stolen social security card might only carry a street value of $1, a stolen medical identity is worth $50, estimated the nonprofit research firm, World Privacy Forum.

Yet it also poses a threat to patient safety, experts argue.

“It’s also a patient care issue because the patient who is impersonating someone else might get inappropriate treatment,” said Martin Ciccocioppo, vice president of research at the Hospital & Healthsystem Association of Pennsylvania.

Doctors, he explained, factor a patient’s medical history when determining treatment or a diagnosis. So when they evaluate a patient who has stolen — or assumed — another person’s identity, doctors unknowingly rely on inaccurate information, which could lead to a misdiagnosis, mistreatment or wrong prescriptions.

“It interferes with patient treatment,” he said.

The idea of using biometrics technology to solve medical identity theft is well-intentioned but misplaced, said Pam Dixon, executive director of the World Privacy Forum. She argued that most problems come from  insider access, such as third-party companies.

Health systems must have a plan in place in the event of a data breach, she said, so patients don’t face significant consequences and there is minimum impact.

“If you have a healthcare database, it’s like a honey pot for thieves because it’s lucrative data,” said Ms. Dixon, who has researched medical identity theft for more than 10 years and served as the co-chair of the California Privacy and Security Advisory Board. “The majority of cases happen because internal systems are breached by employees.”

©2014 The Times-Tribune (Scranton, Pa.)