The Centers for Medicare & Medicaid Services (CMS) warns physicians to be aware of common phishing scams for medical records, such as fraudulent medical records requests faxed to practices.
CMS recommends physicians review any request for signs of a scam, including:
- Requests that direct physicians to send records to an unfamiliar fax number or address;
- Requests that reference Medicare.gov or @Medicare (.gov); and
- Requests that indicate the sender needs records to “update insurance accordingly.”
Texas Medical Association experts say that practices should question all requests before they send medical records. If they are unable to identify if the request is valid or if they are unable to get a hold of the plan or third-party requester, practices should reach out to TMA payment experts.
A scam request may include:
- Poor grammar, misspellings, or strange wording;
- Incorrect phone numbers;
- Skewed or outdated logos; and
- Graphics that are cut and pasted.
CMS instructs physicians who believe they have received a fraudulent or questionable request to work with their medical review contractor to confirm the request’s validity. Physicians should also submit medical documentation through the Electronic Submission of Medical Documentation system or CMS medical review contractor secure internet portals, when available.
For more information about medical record best practices, phishing, and other virtual scams, visit TMA’s Physician Payment Resource Center.
Last Updated On
July 01, 2024
Originally Published On
June 26, 2024
Alisa Pierce
Reporter, Division of Communications and Marketing
(512) 370-1469