How to Identify Red Flags


A healthcare provider’s Identity Theft Prevention Program should identify red flags in four main categories: (1) suspicious documents; (2) suspicious personally identifying information; (3) suspicious activities; and (4) notices from victims of identity theft, law enforcement authorities, insurers, or others suggesting possible identity theft. 


All employees who interact with patients must be aware of things to look for in the following areas:


Suspicious documents


  • Has a new patient provided identification documents that look altered or forged? 
  • Is the photograph or physical description on the ID inconsistent with what the patient looks like? 
  • Did the patient provide other documentation inconsistent with what he or she has told an employee – for example, an inconsistent date of birth or a chronic medical condition not mentioned elsewhere?  


Suspicious personally identifying information


  • If a patient provides information that does not match what an employee has learned from other sources, it may be a red flag of identity theft. 
  • For instance, if the patient provides a home address, birth date, or Social Security number that does not match information on file or from the insurer, this may indicate fraud.


Suspicious activities


  • Is mail returned repeatedly as undeliverable, even though the patient continues to show up for appointments? 
  • Does a patient complain about receiving a bill for a service that he or she didn’t get? 
  • Is there an inconsistency between a physical examination or medical history reported by the patient and the treatment records? 


Notices from victims of identity theft, law enforcement authorities, insurers, or others suggesting possible identity theft


  • Has the provider or an employee received word about identity theft from another source? 
  • All employees must heed warnings from others that identity theft may be ongoing.


Although the above list provides some examples of things to look for to identify red flags, it is not intended to be an exhaustive list.  Instead, employees must continuously be aware of any signs of identity theft relevant to the healthcare provider’s practice and share this information with others involved in the Identity Theft Prevention Program.



 © 2009 Parsonage Vandenack Williams LLC

  For more information, contact


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s