Know Your Patient (KYP) - the next big thing in health care

Know Your Patient (KYP) – the next big thing in health care

Its high time the hospital industry must think beyond providing just giving medical assistance to their patients – securing patient privacy and data is becoming vital. 

One problem that literally every industry faces nowadays is fraud/scam/manipulation or whatever you wish to call it. Surprisingly it doesn’t change much across industries. One fraud “identity theft” is raising havoc, causing losses of worth millions of dollars to businesses. The health care industry is not devoid of these frauds. The recent AMCA data breach exposed 2.2 million patient records and caused the company to file for bankruptcy. The need for identity screening of patients is increasing. 

On the other hand, the world is becoming completely digital and the need to monitor this rapid digitization is necessary. Given these rapid changes, regulatory authorities are also concerned about patient rights and misdelivery of services. Let’s have a look at some common use cases of Know Your Patient (KYP) in the health care industry.

Ponemon Institute chairman, Dr. Larry Ponemon said; “We don’t think this is an anomaly, we think this crime is becoming more popular with criminals because a medical record is actually more valuable than other forms of personally identifiable information, like a credit or debit card record.”

One stolen medical identity may cause a patient to lose his/her life. Because when a criminal uses the stolen medical credentials to get free services the medical record is altered for his personal medical history, which is definitely different from the medical credentials of the victim. Or it may tarnish the reputation of the medical identity theft victim, and the hospital who took patients with fake identities. 

The consequences of medical identity theft are critically devastating, for example, A woman named Anndorie Cromar was about to lose custody of her four children due to medical identity theft. A woman gave birth to a child using Cromar’s identity and the child tested positive for drugs. This raised havoc in Cromar’s life when an inquiry started on her. In case the hospital had verified the identity of that woman it would have saved a lot of time, effort and money of the identity theft victim, child protection agencies, and the hospital as well. 

Most of the times people just let go of this negligence conducted by the hospital but what about those who sue the hospital management? It will definitely cost monetary and reputational loss to the hospital. So why not prevent all this destruction with a few seconds verification of your patients. 

Health care is a massive yet delicate industry where human life is at stake. That’s why doctors and paramedical staff spend years in medical schools, laboratories and hospitals learning the ultimate trick to save lives. Sometimes there are black sheep among these skilled people who claim to have necessary skills and certifications but it is a blatant lie. This lie was told by a woman in Morristown in the U.S. She successfully manipulated at least eight health care providers, regarding her experience and medical certifications. Thankfully she was arrested in 2019 and jailed along with a fine of $750,000. Such incidents are the indication that identity fraud is prevalent in the health care sector. Identity screening of paramedical staff is also inevitable. Online verification of paramedical staff before hiring them takes just a few seconds but saves the hospital from major losses.  

Verify the age before handing over those prescribed drugs

Online pharmacies in the UK are required to verify the age of their buyers under the latest guidance of the General Pharmaceutical Council. Compliance with these laws is vital to secure patients’ and drug seller’s interests. Sometimes minors use the prescription of an elder to get drugs that are not entitled to them. This misuse of prescriptions leads to drug addiction and excessive drug intake by minors that may lead to health/life loss. So verify the age of your customers before handing over any drugs to them.   

Also, the authorities are not ignorant of the information collected by the hospitals. Proper security and record of patient information are necessary to fully comply with the data protection laws. For instance, in the U.S HIPPA (Health Insurance Portability and Accountability Act) is implemented. 

The law states

“It included Administrative Simplification provisions that required HHS to adopt national standards for electronic health care transactions and code sets, unique health identifiers, and security.” 

Shufti Pro’s identity screening and age verification solutions are fully compliant with GDPR which means your patient data is handled with utmost care. 

Increase in non-traditional players in health care industry

The health care industry is evolving and digital substitutes are emerging in the industry. Health care apps are available where people can connect with doctors online and get prescriptions. For example, China’s Ping An Good Doctors App helps patients get certified medical advice while sitting at their homes. 

This evolution is threatened by misuse, breach and un-monitored use of patient data. On the other hand, the risk of misguidance is also high as in this case patient doesn’t have a face to face interaction with a doctor. KYP screening is the best way to know maintain a transparent patient to doctor relationship in cloud spaces. It ensures that the patient is telling the right symptoms and not lies to get prescribed drugs. 

In this scenario where fraud and health care industry is evolving the need for equally competent solutions for patient’s identity verification is increasing. It can be conducted with the help of digital identity screening solutions. 

How does KYP (identity screening of patients) work?

KYP is another name of Know Your Customer (KYC) modified for specific industrial usage. It helps hospitals to reduce the risk of medical identity theft related crimes, and misuse of patient’s information.  

KYP screening starts with the integration of an identity screening and age verification solution with the website/web portal or app of your hospital or drug store. Once the integration process is completed the patient is verified through his identity document. 

Let’s see how verification is performed.

  1. The patient shows an identity document to the selfie camera of his phone or a webcam along with his face. 
  2. The AI-based system detects and fetches the information from the identity document and matches it with the information provided by the patient at the time of registration. The identity screening solution also verifies the identity document for default format and ensures that fake identity documents are not used for verifications. 
  3. Biometric authentication is conducted through liveness detection and 3D depth perception to perform face verification. 
  4. Age verification can also be conducted through Date of Birth verification. 
  5. Verification results are shown to the patient and updated in the back-office within seconds. 

Hospitals are a place where every second matter, swift identity screening solution ensures that minimum time is spent on verification measures and the patient is getting the medical services he/she is entitled to. The rise in medical identity theft is demanding this advancement in patient onboarding processes. 

Know Your Patient Anti Fraud Pill for Healthcare Industry

Know Your Patient: Anti-Fraud Pill for Healthcare Industry

Know Your Patient: The healthcare industry is more prone to data breaches than any other industry. About 30% of large data breaches have been recorded over the last decade that has affected millions of employees and customers. These data breaches have multiple forms, they vary from credentials stealing to purposefully data disclosure to stolen devices. The medical databases contain highly sensitive information that is not only related to the patient’s personal information but also sensitive information which includes medical history, health insurance details, etc. This data is of much interest to cybercriminals who steal data and use it for malevolent purposes. Statistics show that 34% of healthcare data breaches are the result of unauthorized or uncontrolled data access. Records are also compromised because due to the ransomware and malicious executables that fraudsters inject into the system and hack all data.

A bunch of data breaches has been recorded in the U.S. These are either the results of system/server hacking, theft, and unauthorized data access or disclosures. The following are some of the large breaches that happened in medical institutions which include insurance companies, healthcare providers, pharmacies and pharmaceuticals.

Affected Entity Affected People Type of Breach
Magellan Healthcare 55637 Hacking
Premier Family Medical 320000 Hacking
Conway Regional Health System 37000 Unauthorized data access
Northstar Anesthesia, P.A. 19807 Unauthorized data access
Renown Health 27004 Portable Electronic device
Wisconsin Diagnostic Laboratories 114985 Hacking

Such huge data breaches collectively induce a great impact on the country’s economy and reputation. A huge data breach named Anthem breach affected about 78.8 million people in 2017 which include not only the patients but employees too. The insurance company was subjected to $115 million by the lawsuits due to a sensitive data record breach. Hospitals, laboratories, insurance companies, and pharmacies should adopt dynamic measures to combat the risks of cyber-attacks and other unexpected ways of data breaches. Not only this, to comply with the local regulators and regimes, it is crucially important to implement security on the sensitive databases that can directly or indirectly impact the lives of customers and employees. The organizations that fail to comply with the regulations will have to suffer from harsh penalties and fines. 

Significance of Know Your Patient:

Taking into account the concept of Know Your Customer (KYC) , that is supposed to provide a defense line to the banks and financial institutions in the form of customer identification and verification not only to ensure online security and eliminating money laundering of businesses but to comply with local regimes and norms. Similarly, for the healthcare sector, there is dire need to take steps that can deter the risks of data breaches, taking further the concept of electronic KYC, KYP holds the same importance in the medical industry. Knowing patients should be a primary step to fight against cybercrimes, prescription fraud, and data breaches. For each patient, ensure the identity of the customer and introduce efficient processes to provide an actual patient with the prescription, test results, reports and documents. 

Fraudsters try to breach the hospital security system and use the real identity of the customer to get access to the identity relevant information which is then used for malicious purposes that can be dangerous for the customer. This is more common in the online systems where identity theft or credentials theft could lead to data breaches, also to verify the age before giving the prescription to customers is also important. These security checks form a reliable and reputable medical institution, that has implemented the cautions at the system’s end.

How KYP works?

Online identity verification is conducted for the Know Your Patient (KYP) process. For the online account opening of an online medical store or hospital portal, the system will ask the online customer to provide an official id document that could be an id card, passport or driving license, the one having a picture on it. Secondly, it would ask the patient to capture a selfie from webcam/ mobile phone and upload. The system would conduct face verification and verify the facial features of the picture on the provided document and face captured in real-time. If both matches, the system proceeds further. 

Age verification check is also embedded in the system that verifies the age of the customer and then prescribes medicines respectively. Age verification has certain parameters that ensure the actual age of a person through the supporting document. The details from the document are extracted and matched with the one user has entered into the portal. Not only this, customer screening is done against AML background checks and sanctions lists to make sure that the user’s name is not in any criminal record before. Hence, after these verifications, the patient’s account is opened. Regulatory authorities have taken data privacy and user rights serious. It is now the responsibility of each institution dealing with customer data, to install security software and online verification into their system. This can reduce the risks of the entrance of bad actors and actions in the system.

Online identity Verification – Its Use Cases to Prevent Online Medical Fraud

Technological advancement in digitization demands innovative solutions to perform digital identity proofing successfully. These solutions involve biometric authentication of identities online not only restricted to fingerprint scanning but extends to face verification providing better and robust user experience at the same time. A cost-effective solution to fight with fake identities and authenticating them against the argument that ‘they are the one who they say they are’. Taking into account the need for online identity verification in the healthcare sector, let’s have a look at the use-cases its cover.

  • Patient’s Data Privacy

The Health Insurance Portability and Accountability Act (HIPAA) has established a set of standards and guidelines to deal with the patient’s data. To secure sensitive information, these sets of instructions need to be followed by every medical institution on a serious note. The data flow should be monitored continuously to avoid any breach and maintaining the integrity of medical records. Any discrepancy can lead to severe harm to the patient. 

An organization that deals with Protected Health Information (PHI) needs to take measures to protect the personal and sensitive information of the patient. Otherwise, a data breach can result in harsh regulatory fines.

  • Age verification for online prescription

Online pharmacies need to verify the identity of the patient before shipping medicine to them. Also, age verification should be done by the online pharmacies and hospital portals to prescribe medicine to patients based on their age. There is age-restricted medicine in the stores which need proper age verification check, otherwise, it would be illegal to sell medicines to the under-age patients. Age verification can be performed using some official supported document that acts as evidence of legal age for a particular medicine. Keeping it streamlined for both the patient and doctor, a user-friendly verification system can help reduce online data frauds.

  • Insurance Fraud

Online data breaches which include a patient’s identity and data, once compromised do not only affect the patient financially but the insurance details can be used for fraudulent activities. A fraudster can use that information to enjoy medical insurance for himself, get the prescribed medicine, and claim the insurance with the medical insurance company. Identity theft can surely affect the health of the patient if it gets tempered by the thief. Medical history and payment records can also get affected.

The patient’s data is not less than an asset for the institution and patient itself. Before dealing with customers online, make sure it is an actual person. The confidential database should be properly taken care of to combat the online frauds and incidences of data breaches. Data integrity should be maintained to secure the association of correct data with the right individual. Identification of the need for Know Your Patient is important for the medical sector as KYC is important to financial institutions, this fact can surely contribute to the elimination of identity theft and ventures of data tampering.