How Would Your Organization Thwart A Physician Imposter?

How Would Your Organization Thwart A Physician Imposter?

Oct 3, 2018
  • Author:
    Kay Lynn Akers, CPCS
    Former VerityStream Employee
    With over 30 years of health care experience, Kay Lynn Akers brings direct insights into the challenges of the evolving industry. During her tenure at VerityStream, she has provided clients with consulting and services to assist in deploying new solutions, identifying process improvements using solution best practices and designing solutions to meet the needs of organizations across the industry. Her healthcare contact center and care provider background establishes her record of shaping solutions for clients with projects ranging from optimizing processes and software for maximum efficiency and service to supporting large consolidations.

The news recently reported a suspect was arrested after impersonating a physician at least seven times at two Southern California hospitals. It is alleged that he even diagnosed a patient in a consult room.

This was not a failure of credentialing processes. No verification will catch someone who wanders in from the street posing as a physician. Instead, it was a lack of sufficient security policies and procedures or, more likely, not following them.

The perpetrator received a temporary ID badge from hospital security staff after claiming he had lost or misplaced his badge. News articles do not say what policies were in place to verify the person’s identify but unfortunately, many visits occurred before the person was challenged for identification.

The experience of these two organizations offers all health care facilities a chance to make changes proactively to prevent this at their organization. Here are some ideas to consider when reviewing and revising policies and procedures.

  • Implement an online provider directory for security staff to consult before issuing temporary ID badges. The directory should include the provider’s status and photo for physical identification. Ideally the directory queries your master provider database in real time.
  • Before issuing a temporary badge ask for photo identification and use it in matching the provider against the provider directory.
  • Share the policy with the medical staff in advance of the policy change. This would give them the opportunity to ensure they have a current badge and start bringing it with them regularly.
  • Be prepared to back up security staff when providers complain. Providers will forget their badges occasionally and some may not be happy about the short delay caused by the identification verification process.

With so much focus on other forms of security (HIPAA, cyber, and safety), we might overlook access to our patient areas.  Eventually employees did stop the suspect and called the police. Their lesson learned can give all health care professionals pause while we think about how our organization would answer the challenge when faced with the same situation.