Appendix 1: Identity Theft Red Flags Mitigation and Resolution Procedures



Similar documents
Physician Office Compliance with the Red Flag Rule

Identity Theft Prevention & Detection Red Flags Rule Compliance Policy Procedures I. Identify red flags.

DOYLESTOWN FAMILY MEDICINE, P.C. IDENTITY THEFT PREVENTION PROGRAM TEMPLATE ADOPTED AND EFFECTIVE: APRIL 15, 2009 UPDATED:

Administrative Procedure 5800 Prevention of Identity Theft in Student Financial Transactions

Facts About FACTA Red Flag Identity Theft Prevention Program

University of St. Thomas. Identity Theft Prevention Program. (Red Flags Regulation Response)

RANDOLPH COUNTY EMERGENCY SERVICES & TAX DEPARTMENT. Identity Theft Prevention Program. Adopted August 3, 2009 Effective beginning August 1, 2009

[FACILITY NAME] IDENTITY THEFT PREVENTION PROGRAM. Effective May 1, 2009

DSU Identity Theft Prevention Policy No. DSU

ACCG Identity Theft Prevention Program. ACCG 50 Hurt Plaza, Suite 1000 Atlanta, Georgia (404) (404)

Red Flag Rules and Aging Services: What You Need to Know

RADLEY ACURA RED FLAG IDENTITY THEFT PROTECTION PROGRAM and ADDRESS DISCREPANCY PROGRAM

Detecting, Preventing, and Mitigating Identity Theft

EXHIBIT A Identity Theft Protection Program. Definitions. For purposes of the Policy, the following definitions apply (1);

University Policy: Identity Theft Prevention Policy

Identity Theft Prevention Program

Interagency Guidelines on Identity Theft Detection, Prevention, and Mitigation

I. Purpose. Definition. a. Identity Theft - a fraud committed or attempted using the identifying information of another person without authority.

Identity Theft Policy Created: June 10, 2009 Author: Financial Services and Information Technology Services Version: 1.0

IDENTITY THEFT DETECTION POLICY

Texas A&M University Commerce. Identity Theft Prevention Program Effective beginning May 1, 2009

MCPHS IDENTITY THEFT POLICY

Z1.01 Guideline: Identity Theft Prevention Program

Wake Forest University. Identity Theft Prevention Program. Effective May 1, 2009

DHHS POLICIES AND PROCEDURES

II. F. Identity Theft Prevention

CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY

University Identity Theft and Detection Program (NEW) All Campuses and All Service Providers Subject to the Red Flags Rule

Ouachita Baptist University. Identity Theft Policy and Program

Florida International University. Identity Theft Prevention Program. Effective beginning August 1, 2009

Red Flag Rules Information and Training

Identification of Red Flags, Detecting Red Flags, and Preventing and Mitigating Identity Theft

Identity theft. A fraud committed or attempted using the identifying information of another person without authority.

Identity Theft Prevention Program. Effective: November 1, 2009

Village of Brockport Identity Theft Prevention Program Effective December 1, 2009 Confirmed 7/21/14

Red Flag Identity Theft Financial Policy 1.10

Identity theft prevention program and red flag compliance policy.

NEVADA SYSTEM OF HIGHER EDUCATION PROCEDURES AND GUIDELINES MANUAL CHAPTER 13 IDENTITY THEFT PREVENTION PROGRAM (RED FLAG RULES)

RANDOLPH COUNTY PUBLIC WORKS. Identity Theft Prevention Program. Adopted September 1, 2009 Effective beginning September 1, 2009

identity TheFT PREVENTION Programs and Response

UNION COUNTY S IDENTITY THEFT PREVENTION PROGRAM

Number: Index

Oklahoma State University Policy and Procedures. Red Flags Rules and Identity Theft Prevention

POLICY NO. 449 IDENTITY THEFT PREVENTION POLICY

Transcription:

Suspicious Personal Identifying Information Documents provided for identification appear to have been altered or forged. The photo or physical description of the person is not consistent with the appearance of the person. provided by the person is not consistent with other personal identifying information provided. provided is of a type associated with fraud. For example: the address is fictitious; phone number is invalid or associated with a pager The SSN provided is the same as that submitted by other persons opening an account or other customers provided is not consistent with personnel information that is on file with the financial institution, creditor or VMH Resident has an insurance number but never produces an insurance card or other physical documentation of insurance Stop the admission/billing process and Stop the admission/billing process and 1

Suspicious Account Activity Information about unauthorized charges in the resident s account Mail sent to the resident s home that s returned repeatedly as undeliverable although transactions continue to be conducted in connection with the resident s covered account Stop all account activities Notify the resident and/or NOK to provide additional satisfactory documentation to verify account activity. Stop all account activities. Skip-tracing procedures are used to find the resident s current HOR address Begin an internal inquiry into the account activities. Resident s family/responsible other notified If the results of the investigation do not indicate fraud, all contact and identity information is re-verified with the resident Notice From Other Sources A complaint or inquiry is received from a resident based on receipt of: -a bill for another person; -a bill for a product or service the resident denies receiving; -a bill from a healthcare provider that the resident never patronized; -a notice of insurance benefits (or explanation of benefits EOB) for health services never received by the resident; -information added to a credit report by a healthcare provider or insurance company; -a collection notice from a bill collector with whom the resident has had no transactions. -Investigate the complaint; -Interview individuals as appropriate; -Contact the other healthcare provider or insurance company; -Gather as much information as possible concerning the questionable bill. Contact the resident s family or POA to discuss the situation; Inform the CEO/designee of this discrepancy; Contact the local or State police, as needed, to notify them of these suspicious circumstances Follow police instructions, or contact the State Division of Consumer Affairs. 2

VMH is notified by a resident who is a victim of identity theft, by law enforcement, or by others that it has opened a fraudulent account for a person engaged in identity theft. An employee or volunteer or agency worker has access to a resident s SS number and other identifying information and buys goods based on resident s ID. Resident or insurance company report that coverage for legitimate hospital stay is denied because insurance benefits have been deleted or a lifetime cap has been reached Evidence that Resident Account files were accessed by unauthorized person(s) Investigate to determine if account was opened fraudulently or if billing was made fraudulently. Investigate the complaint; Interview individuals; Gather as much information as possible concerning the theft of a resident s Investigate complaint, interview individuals as appropriate If determination is made which files were accessed; re-verify account with resident or resident responsible party. Contact the CEO/designee continue service Contact insurance company as necessary Contact CEO/designee and the local or State police. Contact the credit card company, cancel that account umber continue service Contact insurance company as necessary If the results of the investigation do not indicate fraud, all contact and identity information is re-verified with the resident Enforce policy that Resident Account files must be locked when not in use. Limit access to files Provide dual lock security (i.e. door, file cabinet) Conduct periodic random review of Resident Accounts Evidence that Resident Medical Records were accessed by unauthorized person(s) 3 Maintain accurate/timely records signout log Process enforced to initial for key and use, log reviewed by Nursing supervisor Records locked when not in use

Complaint by a resident or observant employee that mail has been tampered with One department will be designated to handle all mail (i.e. Social Services) that Resident Face Sheet was being used/read by unauthorized individual(s) that Resident Blue Card was being used/read by unauthorized individual(s) This entity will then distribute both resident and VMH mail to appropriate addressee Report observation of unauthorized personnel accessing Face Sheet Report and missing face Sheets Educate staff on need to safeguard face Sheets Lock Blue Cards in box with limited access to keys/place box in a more concealed location Destroy current Blue cards replace with cards that contain to resident critical information that unauthorized access to electronic data especially MDS, has occurred that unauthorized access to Medical Insurance files has occurred/files containing identity records found open Investigate how unauthorized access occurred, interview individuals as appropriate 4 Train staff on sensitivity of Blue Cards and requirements to safeguard information contained on them Passwords changes every 90 days Employees instructed to log off computers when not in use and turn off at the end of the work day Instruct employees not to write down pass words and leave them in proximity to their computer; remove/block access points All incident recorded in security Officer s Log All Medical Insurance files locked at when not in use Establish dual lock security (i.e. door and file cabinet If determination made which files were observed, VMH will re-verify account with appropriate insurance company

Complaint or observation by employees that unauthorized access to employee records, payroll records, health records has occurred/files found open All employee records/ files locked when not in use Establish dual lock security (i.e. door and file cabinet) If determination made which files were observed, VMH will re-verify contents Revised: January 2011 Revised: August 2013 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information