Healthcare Information Security

Cybersecurity News

MIFA pools resources to avert medical identity fraud

By Patrick Ouellette

- The newly-formed Medical Identity Fraud Alliance (MIFA) is throwing its hat in the ring of organizations building healthcare anti-fraud best practices by connecting healthcare vendors, payers, healthcare providers and service providers to an information-sharing network.

Similar to the National Health Information Sharing and Analysis Center (NH-ISAC), MIFA members will discuss medical identity fraud experiences, including successes and pitfalls and the latest identity fraud trends. Every time a healthcare organization reports a data breach, among the biggest concerns is if personally identifiable information (PII) such as Social Security numbers have been compromised. As healthcare data has become more integrated, fraud has gained popularity.

Bill Barr, MIFA development coordinator and co-founder of the Smart Card Forum and Robin Slade, MIFA development coordinator and Senior Vice President of the Santa Fe Group, plan on using their financial fraud prevention experiences to help stem the medical identity fraud tide. According to Barr, about 40 percent of medical ID theft victims have had their health insurance canceled due to fraudulent charges. Barr learned early on in healthcare that the industry is very fragmented.

There are tons of insurance companies, lots of healthcare providers, all sorts of technology and service providers. And even in the regulatory environment, it’s pretty divided and a number of organizations get involved. In a fragmented world, it’s very difficult to come up with standards and an environment where you can easily share best practices and the CIOs and CISOs can talk to each other and potentially learn about new forms of fraud. One of the main goals of MIFA is to facilitate information sharing among everyone in the ecosystem.

Slade maintains that MIFA will be a member-driven organization with a board of directors and steering committee derived from its membership to help address the initiatives that members have helped to decide upon. Those initiatives will look at best practices, technologies and processes that organizations can use to help divert fraud. One of MIFA’s first projects will be working on benchmarking and research. Slade said she thinks there’s opportunity in the healthcare industry to share information and identify fraud faster and work cooperatively with others to determine strengths and weaknesses.

As stated earlier, this isn’t the first effort being made toward gathering best practices in the healthcare industry. But Slade believes there’s a strong need for education among providers, vendors and payers alike.

We need to get the members together to talk about [what’s important to them], but clearly we aren’t trying to re-invent the wheel. We’re talking with other organizations such as the NH-ISAC to ensure that whatever we develop isn’t duplicative, but rather complimentary to what’s happening today. What’s going on in healthcare today is similar to the financial industry 15 years ago with the advent of e-commerce. There’s a lot of education that needs to be done, not just on the consumer side but also within the healthcare industry itself to help protect patient data.

As far as specific benchmarking projects go, Slade said that because MIFA is so new, it doesn’t have that yet. But she expects the group’s skill from the financial side to be an asset. “Fraud doesn’t go away, it just changes,” she said. “By sharing the information and working cooperatively year after year, [fraud can be diverted].”

Slade went on to say that the main focus at the moment is to launch MIFA, but one of the group’s first benchmarking projects is to further quantify the fraud. MIFA is in the final stages of a study sponsored by MIFA and conducted by the Ponemon Institute that’s designed to determine the impact of medical identity theft on consumers.

According to the MIFA website, membership dues are aligned with market capitol or net revenue:



SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...