Medicare Drags Feet On Secure Patient IDs
Medicare increases identity theft risk because it uses social security numbers as patient identifiers, says GAO report.
Other federal agencies are already moving in this direction, GAO pointed out. Both the Department of Defense (DOD) and the Department of Veterans Affairs (VA) plan to switch to new patient identification systems by 2016. The Office of Management and Budget (OMB) in 2007 required all federal agencies to establish plans for the replacement of SSNs as identifiers. But CMS continues to drag its feet, GAO found.
CMS officials told GAO that they agree the SSN identifier should be replaced. But they said the changeover should be done in accordance with its requirements for managing the lifecycle of IT projects. GAO pointed out that CMS has not taken some of the key steps involved in that lifecycle process.
Among the steps that CMS has taken is to identify "internal and external stakeholder systems that could be affected if the SSN was removed from [Medicare] cards." In a report to Congress last May, the agency said that, of its more than 200 electronic systems, 72 could be affected by the introduction of a new identifier. Significant changes would have to be made to three systems that provide the functionality for determining beneficiaries' eligibility for specific treatments and services, validating and adjudicating hospital claims, and sharing data for coordination of benefits payments for secondary coverage.
Post a comment to the original version of this story on InformationWeek