Securing Telehealth Services and Fighting Identity Fraud with Shufti Pro’s ID Verification Solution

  • Richard Marley
  • February 03, 2022
  • 8 minutes read
  • 7822

The telehealth industry has been completely revolutionized by services ranging from medical essential to health coverage. The advancement of technologies is the key driving force behind global digitizations. On another hand, the coronavirus pandemic and its emerging trends have taught health sectors critical lessons, including the dire of innovating their services as well as enhancing their cybersecurity systems. According to predictions, the global telehealth sector is expected to reach revenue of $598.3 billion in 2028.

However, the rapid shift towards telehealth services is reducing the gap between doctors and patients yet, these services are becoming vulnerable to potential crime risks. For this reason, the SaaS providers are coming up with innovative tech-based identity verification solutions, with the objective of fighting telemedicine frauds and securing digital health operations. In addition to this, the regulatory authorities are also playing their role and are legislating essential laws. For instance, know your customer compliance that mandates the health industry to verify their customer before onboarding them.

Digital Black Market for Identity Data and Telehealth Industry 

As personal information and identity documents are readily available on the dark web, making it quite easy for fraudsters to manipulate telehealth businesses. Thus, unless rigid security systems are not integrated, the crucial data will always be at risk. Once the business databases are breached, it’s quite difficult to recover compromised information. 

The digital black market is full of criminals which are making the possibility of buying and selling personally Identifiable Information (PII) over the internet. However, the customers’ identity, as well as their dealings remain anonymous. Hence making it quite hard for regulatory bodies to determine the criminal activities. Typically, the data placed on the dark web is stolen from social media platforms, digital bank accounts, emails through phishing or malware attacks.  Other than this, large-scale cyber-attacks are also carried out for breaching businesses databases. 

Despite the different approaches being used, once cybercriminals get access to information, they can either use it to create new identities or simply sell them on the dark web. However, information or credentials has a particular price tag. A social security number sells for $1,  financial information can go as much as $110 and credentials range from $20 to $200.

Thus, due to the readily available fake documents on the internet, there is an increasing number of telehealth fraud cases. This is because many telemedicine services lack robust identity verification software, and some of them are still relying on paper-based manual authentication procedures. These vulnerabilities and loopholes are providing fraudsters ample space to defraud health care businesses.


Real-life identity theft case linked to telehealth sector 

DOJ Charges Dozens in $1.1B Telehealth Fraud Crackdown

The US Department of Justice crackdown on the organized crime group and charged 138 criminals that were involved in various healthcare scams, resulting in about $1.4 billion loss. More than 43 individuals belonging to 11 different judicial districts were fined more than $1.1 billion for carrying out telemedicine frauds. According to the court documents, telehealth executives were suspected to order irrelevant medical equipment testing and pain medicines. In addition to this, some telemedicine companies were also alleged of purchasing the order in exchange for bribes and then submitted false insurance claims.

Other than this, the DOJ crackdown included $29 million false billing linked to coronavirus, $133 million fake insurance claims in connection with sober homes, $14 million in narcotic prescription cases, and $145 million in healthcare fraud. “Healthcare fraud targets the vulnerable in our communities, our health care system, and our basic expectation of competent, available care. Despite a continued pandemic, the FBI and our law enforcement partners remain dedicated to safeguarding American taxpayers and businesses from the steep cost of health care fraud,” said Assistant Director Calvin Shivers of the FBI’s Criminal Investigative Division, in a statement.   

$174 Million Telemedicine Pharmacy Fraud Scheme Results in Criminal Convictions

The federal jury recently penalized a pharmacy owner for initiating a telemedicine scam scheme that defrauded around $174 million in false claims paid by Medicare, TRICARE, and some private insurance companies. Furthermore, the alleged entity also contracted with telemarketers to onboard patients. Then the marketing agency advertised their platform as a telehealth service provider, with heaps of doctors and physicians virtually prescribing medicines to patients. The suspect then also maximized insurance payments by picking and determining which medical prescription has to be submitted to Pharmacy Benefit Managers (PBM) for recommencement.

Thus, according to the evidence provided, the court concluded that the medical prescriptions along with insurance claims were unnecessary, and the victims were tricked into providing their medical information to them.

Global Regulation To Make Telehealth Services Secure

Both the regulatory authorities and telehealth industry are aware of criminal activities, for instance, false insurance claims, identity theft, etc. that are adversely affecting the industry’s growth. Due to this reason, the health industry needs to collaborate with the global watchdogs to work together to make the regulatory framework more rigid. AI-powered identity verification solutions and AML screening services are also developed that also assist the telehealth industry to stay put with the regulatory obligations. 

Let’s dive into the global regulatory regime 

Care Quality Commission (CQC)

The Care Quality Commission (CQC) is a regulatory body that regulates the healthcare service providers operating in England. The CQA mandates all medical service providers to get licenses in order to provide telehealth services. Businesses need to comply with the commission’s standards and must satisfy them that patients are provided with the best care and health treatments streamlined with the Health and Social Care Act 2008. This is how virtual service providers are regulated like non-digital providers. 

Furthermore, medical workers like doctors, etc are also regulated and overwatched by the health and social care regulator, like the General Dental Council and General Pharmaceutical Council, regardless of whether the telehealth service provider works for the NHS or not. The General Medical Council is another law enforcement body that issues guidance for telehealth services, whereas the General Pharmaceutical Council issued laws for online pharmacy services.

General Data Protection Regulation (GDPR)

In 2018, the general data protection regulation (GDPR) emerged with new patient data protection laws for European Union Member states. The GDPR plays a crucial role in standardizing telehealth services as the law limits the use of patients’ sensitive information. Furthermore, the Information Commissioner’s Office (ICO) advised that consent will not always be necessary for data protection in the healthcare industry.

However, as digitization is increasing the use of virtual space, guidelines, and awareness for protecting personal data will continue to grow. The Lancet and Financial Times Commission was created in October 2019, with the objective of developing laws for governing telehealth services.

 Australian Health Practitioner Regulation Agency (AHPRA)

This federal authority is responsible for regulating the healthcare workers in Australia. The regulatory body has published telehealth guidance called (“AHPRA Guidance”) on its website. It states that all registered health professionals are permitted to provide telehealth services to their patients as long as data and privacy measures are not breached. The Guidance also states that no specific medical equipment is required to provide virtual services, however, services can be provided through telephone or video calling applications.

Furthermore, the medical board of Australia has also issued “Guidelines for technology-based patient consultations” to complement the existing “Good Medical Practice: A Code of Conduct for Doctors in Australia”. Similarly, the Royal Australian College of General Practitioners (“RACGP”) has published a “Guide to providing telephone and video consultations in general practice”.

How Shufti Pro Can Help 

The new idea of telehealth services is becoming mainstream, and the demand for virtual healthcare will skyrocket even after the pandemic ends. Once the telehealth and identity verification solutions are combined, the data and privacy rights will be secured, hence, the whole process of digital services will become seamless. Other than this, the crime rate will eventually decrease and businesses can experience new heights of success.

Shufti Pro’s state-of-the-art digital identity verification service is a viable option for telehealth service providers. By employing Shufti Pro’s solution businesses can verify patients before getting them onboard with 98.67% accuracy in less than a second. Other than this, the service providers can stay put with the regulatory obligation and can avoid hefty fines.

Want to know more about robust identity verification services?