Health apps open to hacking, theft of personal medical info

There are many different types of identity theft, and different ways that data breaches can harm you. While this crime can have devastating consequences, one form can be life threatening.

Medical identity theft and medical data breaches are a growing concern for doctors’ offices, hospitals, law enforcement and lawmakers alike. About one of every three Americans had their medical records compromised. More than 1.5 million patients’ records have been compromised in 106 medical data breaches so far this year, placing the medical/healthcare industry second in the number of breaches, following the business sector.

Patient records often contain your complete identity profile, and perhaps even your Social Security number. That makes medical files a hot commodity for identity thieves.

For starters, a typical identity thief can use or sell your medical information to receive care. That’s where the life-threatening part can come in. Your medical identity might be used fraudulently by someone who receives care for conditions or illnesses you don’t have. Once that information is part of your file, any medicines, treatment plans, or diagnoses the thief receives can threaten your safety if they don’t suit your medical needs.

The sharp rise in ransomware hack attacks against medical facilities is also a growing concern. Some hospitals pay the hackers’ ransom to avoid lawsuits and HIPAA violations. That means your medical records can net a cybercriminal a lot of money, in a variety of damaging ways.

In addition, health and fitness apps are a newer avenue for stealing your medical information. While the connection between these apps and your privacy is still a gray area, 8 out of 10 health apps have left the door wide open to data breaches and privacy violations.

It’s better to be safe than sorry with your health-tracking apps. If left unprotected or allowed to have too many permissions (like accessing your location, connecting to your contacts lists or your social-media accounts, for example), it could pose a hacking problem.

Also, putting your information at risk is your smartphone which could easily fall into the wrong hands. It’s important to passcode-protect your phone, deny unnecessary permissions on your apps, and use a strong, unique password when setting up each app’s account. 

If the industry has learned anything from hackers, it’s that they’re always one step ahead with technology. Too often, once the technology is out there and in the cloud, hackers find a way to exploit it for their gain, then consumers must learn how to protect themselves.

Just as important, consumers must ask the hard questions of their healthcare providers about where their information will end up, who can access it, and how it’ll be protected. It’s fine (and legal) to refuse to turn over your Social Security number to those who don’t need it.

It’s also imperative to review all account statements, medical insurance statements and medical bills carefully for signs that someone is billing you for care you never received.

Handle those issues immediately, and remember, if your medical identity is stolen, there’s a real possibility your identity will be used in other illicit ways. Monitor all of your accounts carefully for suspicious activity. And, when in doubt, contact the Identity Theft Resource Center to have a victim advisor answer your questions.

About the author: Eva Velasquez is CEO and president of the Identity Theft Resource Center

Un-civil civil penalties can thwart fraudsters

Crafting a model fraud law was one of the Coalition’s first agenda items when we were founded in 1993. It took us two years to complete, and still is the most complete anti-fraud model law on the streets.

The larger the fraud the stronger the penalty, our model says. Arson and other potentially life-threatening schemes merit the most-serious felony sentences. We also created a unique law exposing leaders of crash rings and organized fraud schemes to large civil fines that can bankrupt their operations.

Our “unlawful insurance act” was ahead of its time — few policymakers grasped the civil penalty’s purpose when we wrote that model in 1994. Yet with many lawmakers reluctant to strengthen criminal penalties, maybe it’s time to go after more ringleaders in civil court.

New Mexico lawmakers resist allowing judges to aggregate the full amount of the scam when sentencing fraudsters. It would let judges mete out stiffer jail terms and fines.

New York is legendary for stonewalling much-needed laws clamping down on recruiters for crash rings, and other scammers. Key committee staff typically see little need for more felonies. And supporters of tougher laws are unwilling to compromise with light misdemeanors that would discourage over-worked prosecutors from taking cases.

Some states also want to decriminalize some offenses that, the thinking goes, might further clog already-crowded prisons with non-violent offenders. It’s also harder to push for stricter criminal insurance penalties when there’s a move afoot to decriminalize other offenses.

Maybe we should seek more civil actions when the winds of change for tougher criminal penalties blow in our faces. Enacting large civil penalties get inside the wallets of fraudsters and remove their profit motive.

The Coalition helped Maryland and Minnesota enact a civil penalty. Both states can quickly go after fraudsters on their own, without waiting for the often slow-moving criminal system to wind its course. Maryland has seen success, and Minnesota wants to ramp up it effort.

To paraphrase Robert Frost — two roads diverge. One takes us on the difficult road for stronger criminal penalties. The other is less traveled. We seek civil actions when the criminal system isn’t set up to fully respond.

Fraud fighters need to have this discussion. Is it time to enact more civil penalties against fraudsters?

Let’s begin the talk.

About the author: Howard Goldblatt is director of government affairs for the Coalition Against Insurance Fraud.

Statutes of limitation should start when scam discovered

I’m often mistaken for an attorney. I’m not (much to my mother’s lament) but the law still is something I understand, or at least the kind that seeks to tamp down insurance fraud.

All states have laws setting timeframes for when prosecutions must be launched. Most statutes of limitation start the clock ticking when the crime is committed. That’s fine for crimes such as murder, which entail a very specific act.

Complex financial crimes such as insurance fraud are different. Insurers may discover a suspected scam well after the money was stolen. Staged-crash and medical rings might get away with bogus injury claims for years before insurers can discover them, and piece together enough evidence to earn a prosecution. Some life insurance scams can also take years to unravel.

Obvious insurance crooks who’d normally be convicted can go free on what amounts to a technicality.

Colorado and Arkansas recently gave fraud fighters more time to build cases against larger-scale scammers.

Colorado’s three-year statute of limitations starts running when the insurance crime is discovered. The clock used to start ticking when the scheme happened.

Arkansas allows five years for staged crashes (though still three years for other insurance crimes). The statute begins when the last scam occurred.

There’s also a wrinkle — fraud fighters have six-10 years if they couldn’t reasonably have discovered the scam in time.

These states grasp that complex insurance scams take time to discover and dismantle. It makes little sense to treat insurance fraud like a home burglary, bank robbery or murder. These are single acts that occur in specific moments.

Fraud fighters and victimized policyholders alike get a fair shake from the wise new laws in Colorado and Arkansas. Other states should review their statutes of limitation and follow this smart lead.

About the author: Howard Goldblatt is director of government affairs for the Coalition Against Insurance Fraud.


Fraud of the Month

Foggy addicts laced with heroin and other opioid poison trooped to Kenny Chatman’s drug treatment center and sober homes, anxious for a clean life.

Instead, Chatman plied them with more drugs and pimped out women in exchange for drug highs. The Palm Beach, Fla. entrepreneur kept his residents addicted and tethered to sober homes that often were little more the unsafe flophouses. Chatman preyed on their misery to soak health insurers for $25 million of useless sobriety treatment and drug testing.

Sober homes and drug testing have taken off in response to America’s rising tide of opioid addiction, especially cheap heroin. Hundreds of drug-treatment centers and thousands of sober homes dot Palm Beach County alone.

Many provide excellent care. Dishonest operators like Chatman also are common. Sober homes can exploit addicts for large insurance paydays. Chatman has no experience in drug treatment, but burrowed into the business with an entrepreneur’s nose for gouging insurers.

His sober homes were supposed to be drug-free, yet residents openly used. Chatman let addicts stay high. He even gave them drugs so it would appear they relapsed — needing yet more treatment. The addicts just needed to attend insurer-paid drug-treatment sessions, and give urine and saliva samples for worthless drug testing.

Alison Flory overdosed at one home called Open Arms and died. Nicole De La Pena ended up in the hospital for a week, and survived.

Women pimped for money

“Sober homes can exploit addicts for large insurance paydays. Chatman has no experience in drug treatment, but burrowed into the business with an entrepreneur’s nose for gouging insurers. ”Human trafficking kept Chapman’s insurance con humming as well. He pimped some women on and He made them have sex at the homes, hotels or motels for money. Chapman kept their drugs coming as well so they’d stick around for more bogus tests and treatment. Chatman threatened to kick the women onto the streets, without drugs, if they complained. Women were kept under close watch in one home where the windows where screwed shut.

Chatman threatened violence to keep residents in drug-addled slavery. He also stored their car keys, phones, meds and food stamps in his office to keep residents from escaping.

Carpets at one of chaotic sober home were stained with dried blood, bare mattresses lay around, and trash was strewn throughout, witnesses say.

Drug-testing labs paid Chatman large kickbacks to refer addicts for bogus urine and saliva testing. More than 40 private and taxpayer-funded insurers were billed.

Exploited urine tests

Urine testing is a $1-billion money-maker in South Palm Beach County alone, the Palm Beach Post says. A single bogus test can rake in thousands of dollars from private insurers, Medicare or Medicaid. Unneeded repeat testing can pile up more insurance bills. So can useless tests by multiple labs for the same addict, as can tests for drugs an addict doesn’t use.

Doctors on Chatman’s payroll rubber-stamped prescriptions for false drug tests. He often submitted urine and saliva samples from employees instead of patients — drugged-up residents couldn’t have passed. He also forged patient signatures on treatment sign-in sheets, and ordered tests before residents even saw a doctor. Allergy tests were ordered whether or not residents had allergies.

Convicted of felony credit-card skimming, Chatman isn’t even allowed into the drug-treatment industry. He illegally installed his wife Laura as the straw owner while running the operations himself.

Chatman overdosed on greed, and pleaded guilty. His sober home will be a federal jail cell. He’ll have decades to shape up and dry out when sentenced.

Could bogus health scams emerge from health reform

It’s anyone’s guess what will happen with the off-again, on-again attempts to repeal/replace/improve the Affordable Care Act.

But one thing seems sure: Republicans in Congress and the White House seem bent on pushing a couple of changes every scam artist should love.

The first is H.R. 1101, the Small Business Health Fairness Act of 2017. It would allow health insurance to be sold through association health plans. It sounds like a solid idea — get a bunch of like-minded people or businesses together, form your own plan and buy coverage in the unregulated secondary market. There’s a lot of problems here, as consumer and healthcare groups point out in a recent letter to Congress.

Our biggest beef is that the bill would exempt AHPs from some state regulation. Lax scrutiny could tempt scam artists to set up their own AHP, collect a ton of premiums and then disappear. It’s happened before.

The same scenario is likely with selling health insurance across state lines. The lack of regulatory oversight is an invitation for scam artists to defraud individuals and businesses by setting up bogus health plans.

The White House likens selling health insurance across state lines to selling auto insurance across state lines, which to our knowledge doesn’t happen. Do supporters of these proposals simply not understand the potential consequences for consumers?

Most supporters probably don’t remember the last wave of bogus health plans during 2000-2002. The Government Accountability Office reported 144 unauthorized entities peddled bogus health coverage to more than 200,000 policyholders. The cons stole at least a quarter billion dollars in lost premiums and unpaid medical claims many victims were forced to pay out of their own pockets. One family had a child with brain cancer, only to discover they’d bought fake coverage.

Stricter laws and tighter regulation followed, and the bogus health plans seemed to disappear. Whatever happens with healthcare, let’s hope Congress has the wisdom to first do no harm in aiding and abetting healthcare scams.

About the author: Dennis Jay is executive director of the Coalition Against Insurance Fraud.


Axed prosecutor leaves gap in fraud fight

If I was an insurance scammer I’d be doing my happy dance. President Trump’s axing of Preet Bharara removes the nation’s most formidable federal fraud buster.

Bharara’s best-known for convicting crooked government officials, insider traders and ponzi artists like Madoff. Bharara also hunted down many of the nation’s largest insurance-fraud rings as U.S. Attorney for the Southern District of New York.

He assembled a crack team of super-smart attorneys who went after insurance fraudsters with a mission-drive passion. Bharara built an unmatched courtroom machinery.

Scores of the large insurance rings went down — Medicare, staged-crashes, disability and other corrupt operations. Hundreds of insurance scammers likely were swept off the streets since President Obama installed Bharara in 2009. The savings in stolen insurance money probably reaches many billions of dollars.

The largest no-fault crash ring in history crumbled under his grip. It was a $279-million behemoth of fake whiplash claims that earned ringleader Michael Danilovich a place in the Insurance Fraud Hall of Shame.

Dozens of Long Island Railroad employees lived the good life. They took early retirement after a corrupt doc falsely certified them — for bribes — as disabled. They took millions in taxpayer disability money while golfing, traveling, working out at the gym. Bharara earned guilty pleas from 28 swindlers and convicted the rest.

Wealthy Russian diplomats scattered after he went after them for swindling Medicaid, the federal health program for the poor.

In what may be his last case, Bharara charged ringleaders in a suspected $57-million Medicaid ripoff centered around a clinic in New York City in early March.

Incoming presidents routinely purge the U.S. attorneys, who are party appointees. It was inevitable that Obama’s brightest courtroom light would be ushered out the door.

New York is an epicenter of large insurance scams. Much is driven by vast underworld crime cartels and syndicates. Billions of insurance dollars are on the line.

We’ll urge Bharara’s Republican successor to keep insurance crime a high priority — and even expand operations with the same passion that drove Bharara. Let’s turn that fraudster happy dance back into a trail of tears.

About the author: Jim Quiggle is director of communications for the Coalition Against Insurance Fraud.


Why dishonest claims turn violent

Prentice Ponds was trapped. He bought a damaged Chevy Camaro on eBay, then did a dumb thing. The Tulsa man billed his auto insurer for repairs, lying he crashed the car after buying it.

A suspicious insurer adjuster came to his Tulsa home for a chat. Mark Frayne had the original eBay photos. That damage matched the crunched auto parts in photos Ponds gave Repwest Insurance.

Ponds panicked and beat up Frayne — breaking his ribs, lacerating his head, and stealing his claim evidence. The jury came down hard. Ponds got life in state prison for the assault and robbery, and 25 years for the insurance plot.

Fraud fighters often put their safety and even lives on the line. Insurance cheaters can be panicky, jittery, unhinged when interviewed in the field. Jail’s coming on fast, their careers and jobs lost. They lash out, somehow thinking a fist or gun will bail them out of a conviction.

Kim Sledge and Rhett Jeansonne were respected investigators for the Louisiana insurance department. They knocked on the office door of an insurance agent suspected of stealing client premiums. The agent ambushed Kim and Rhett. He gunned them down, then shot himself.

Sallie Rohrbach was an auditor for the North Carolina insurance department. She was reviewing the books of an agent who might’ve stolen client premiums. Michael Howell clubbed Sallie to death with a chair in his office.

Fraudsters have ordered hits on witnesses, tried to bully them from testifying, and even plotted to murder judges. Fortunately the hits didn’t come off, though were just one trigger pull from erasing lives.

So let’s applaud fraud fighters, who know violence can come with their next knock on a door. Let’s also rethink insurance fraud. A few small, silly claims? Tell that to neighbors who’ve died in botched home insurance arsons. And especially, tell it to the families who Kim, Rhett and Sallie left behind.

About the author: Jim Quiggle is director of communications for the Coalition Against Insurance Fraud.