National Provider Identifiers Are Vulnerable to Theft
NPIs in electronic health records are accessible by rogue employees and possible cyberattacks.
HealthDay News — National Provider Identifiers (NPIs) are vulnerable to identity theft, according to an article published in Physicians Practice.
Thousands of health care providers' NPIs are stolen each year and are used for further fraudulent schemes, including Medicaid and Medicare fraud. NPIs are vulnerable because they are not confidential and are publicly available on the National Plan and Provider Enumeration System. In addition, NPIs in electronic health records are accessible by rogue employees and possible cyberattacks.
To prevent NPI theft and resulting health care fraud, there are steps providers can take. These include sharing NPIs sparingly and knowing who is using the NPI and why. Providers can monitor claims and reimbursements to verify that billed services match actual income and that reimbursements are not being diverted elsewhere. They also can monitor enrollment information and report any changes, such as practice location. A provider who suspects NPI theft should contact the Centers for Medicare & Medicaid Services' Center for Program Integrity immediately.
"If your NPI is compromised, make the proper reports and notifications; investigate and identify the cause of the theft; and when appropriate, file suit," according to the article. "The sooner you take action the better."