When many new newly eligible Medicare beneficiaries receive their insurance cards in the mail they are shocked to see their full social security number staring up at them, displayed prominently on the face of the card. The obvious security risk is troubling for many beneficiaries, especially geriatric beneficiaries that may be at greater risk of being targeted by identify fraud scammers or misplacing the wallet or purse in which the card is held.
To address this issue, the Centers for Medicare and Medicaid Services (CMS) is currently underway on a long overdue update that will affect every beneficiary in the nation. Under legislation signed in 2015 by President Obama, Medicare was tasked with issuing new insurance cards to each of its 60 million members by April 2019. The new cards will replace the beneficiary’s social security number with a unique eleven-character alpha-numeric sequence, dubbed a Medicare Beneficiary Identifier (MBI). This initiative, known as the Social Security Number Removal Initiative (SSNRI), aims to protect our nation’s Medicare enrollees from the increasing threat of identity theft and fraud.
Although today issuing cards with an individual’s social security number seems like an immediate red flag for security risk, at the time Medicare was enacted in 1965, individual identification was a significant challenge for government agencies. Utilizing social security numbers provided a convenient solution; so convenient that it became the defacto individual identifier across government agencies and private businesses.
Today, patient identification remains a hot topic as it plays a key role in health information security, data exchange, individual health preferences, provider authorizations and clinical outcomes. The challenge remains finding an accurate, interoperable and secure means to automatically match patients to their health information or, in this case, health insurance information.
This move by CMS is one that is being replicated in many parts of the healthcare industry. However, without a secure and consistent industry-wide standard, organizations are developing their own solutions, creating interoperability issues. Despite this, one positive is that the industry often follows the lead of CMS, so the SSNRI may be the starting point for a standard national patient identifier.
Though the SSNRI program is set to begin in April 2018, CMS has already begun its efforts to notify its enrollees, stating they want to make the process “as easy as possible for everybody involved.” This means, soon, newly eligible Medicare beneficiaries will no longer be shocked to see their social security number on their insurance cards.
The Federal Trade Commission’s (FTC) Consumer Information website states that that card replacement program will happen entirely automatically; no effort is required from the beneficiary. Thus, the FTC advises that under no circumstances will Medicare ever call, ask for social security or bank information or require payment from a beneficiary for their replacement card. Any attempts to obtain this information or threats against benefits should be considered a scam.
According to a recent article by NPR, the agency has set up a website (www.cms.gov/medicare/new-medicare-card), will send out handbooks explaining the new changes and has also established call centers ready to answer questions from patients and providers.