Archives     Advertise     Editorial Calendar     Subscribe     Contact Us    



Death Master Crime Fighters


 

Superheroes are often thought of as fictional, costumed crusaders who battle villains, but you need not open a comic book to marvel at the employees in various industries (including healthcare and government) who are fighting crime every day. Their weapon of choice? The Death Master File (DMF).


What is the Death Master File?

The Social Security Administration (SSA) maintains an electronic database called the NUMIDENT (short for "numerical identification") containing information on everyone who's received a social security number (SSN) since issuance began in 1936.

The DMF, a subset of the NUMIDENT, contains more than 86 million death records that the SSA has received from a variety of sources, including funeral homes, postal authorities, banks, states and federal agencies. (Note: The DMF doesn't contain information for every deceased person because many deaths go unreported.)

Per the Freedom of Information Act (FOIA), the SSA is required to release death information to the public. However, Section 205(r) of the Social Security Act exempts state information from the FOIA, thus prohibiting the SSA from disclosing death records provided by states (if a state's record is the sole source of that information) to the public. Therefore, the SSA maintains two versions of the DMF:

  • The full file (shared only with certain federal/state agencies) is made up of all death records from the NUMIDENT, including records received from states.
  • The public file, which is commonly referred to as the Social Security Death Index (SSDI), is provided to the Department of Commerce's National Technical Information Service (NTIS). The NTIS acts as a clearinghouse that sells access to this information to the public (including healthcare entities, insurance companies, federal and state agencies, banks, credit companies, genealogists, etc. that have been certified). The SSDI comprises information from the NUMIDENT, but not the death records that have been provided solely from a state.


Fighting Crime with the DMF

So how do everyday professionals combat crime with the DMF? In short, they help detect and prevent identity theft. Identity theft often involves the fraudulent use of a SSN because of its status as an authenticator of identification for numerous purposes such as obtaining employment and setting up bank accounts. Decedents' SSNs are particularly vulnerable and, thus, a frequent target for identity theft.

Our compliance heroes meticulously and methodically check information they receive in their respective jobs against the DMF to determine if there is fraudulent activity. Examples include:

  • Healthcare
  • Verifying that individuals trying to avoid healthcare sanctions and exclusions are not using a false SSN to obtain employment (onboarding professionals).
  • Performing regular (monthly or quarterly) exclusion screenings to monitor for sanctions (compliance/payer credentialing).
  • Ensuring that services are not being billed to Medicaid and Medicare under a deceased doctor.
  • Ensuring that payments are not made to providers or suppliers for services billed for deceased beneficiaries (surveillance and utilization review staff).
  • Tracking study subjects (medical researchers).
  • Tracking former patients (hospitals, oncologists).
  • Employers
  • Verifying that individuals are not using a false SSN to obtain employment.
  • Other Industries
  • Ensuring that firearms are not being obtained by someone posing as a US citizen (retailers).
  • Determining whether an individual has filed a fraudulent tax return (government).
  • Verifying identity when setting up bank accounts, issuing loans or extending lines of credit (financial institutions).


DMF Restrictions

In the past, some large genealogy companies were providing free online versions of the SSDI, which allowed dishonest individuals to obtain SSNs in order to commit fraud. In 2011, changes to the information that is included in the SSDI were effected (including the removal of state records), and access restrictions were increased.

Then, the Bipartisan Budget Act of 2013 implemented a three-year period (beginning on the date of death) during which only authorized users and recipients who qualify can access a decedent's DMF record. Deaths are also not incorporated into the SSDI until the three-year period is complete. These changes mean that individuals and genealogists can no longer use the FOIA to request social security records for individuals who have died within the past three years.


With Great Power Comes Great Responsibility

To further ensure only the good guys are getting their hands on the confidential database, the NTIS established a certification program for those seeking DMF access. This program, under a final rule effective Nov. 28, 2016, limits access to persons or companies that (1) can prove either legitimate fraud prevention interest, or business purpose pursuant to a law, rule, regulation, or fiduciary duty; (2) have network security procedures in place to safeguard the DMF information; and (3) have experience in maintaining the confidentiality, security, and appropriate use of such information.

Organizations seeking access now must obtain an attestation from an independent third-party Accredited Conformity Assessment Body (ACAB) stating that their information security systems, facilities and procedures are effective to protect the DMF. A service organization control (SOC 2) report can document whether an organization meets those requirements, as it provides detailed information about the controls relevant to the security, availability, and processing integrity of the systems that process user data, as well as the confidentiality and privacy of that information.


By Your Powers Combined...

If your organization is ready to join the ranks of everyday heroes, contact an ACAB to have a SOC engagement performed. Receiving an "unqualified" SOC 2 report is a critical step in obtaining certification so that you, too, can use the DMF to help fight identity fraud.


Moni J. Cook, CPA, CHC, CCSFP, a senior manager in the risk assurance & advisory services practice of KraftCPAs PLLC, has more than 22 years of operational, financial and regulatory experience. KraftCPAs provides clients in the healthcare industry with various services, including audit, tax, accounting, service organization control (SOC), and internal audit. For more information, contact Moni at mcook@kraftcpas.com.






WEB:
KraftCPAs

 
Share:

Related Articles:


Recent Articles

AMA Announces New Online Education to Help Physicians Use and Interpret Cancer Panel Testing in Practice

As part of its program aimed at educating physicians and other health care professionals on the benefits and limitations of genomics and precision medicine, the American Medical Association (AMA) today announced two new online educational modules focused on somatic cancer panel testing.

Read More

IQuity Expands Nationally, Hires Four

Nashville-based IQuity, a diagnostic firm analyzing RNA data, announced four new hires last month.

Read More

Rapid RNA Testing Dials Up Quicker Diagnostics

The sooner you know, the sooner you can act - advances in RNA diagnostics are helping providers identify disease more rapidly and move to the treatment phase.

Read More

Death Master Crime Fighters

You don't have to be a superhero to fight fraud with the Death Master File ... but you do have to be certified.

Read More

A Sense of Security

The IRS has announced the first 84 CPEOs in the nation ... and one of them is headquartered in Nashville.

Read More

Reforming Healthcare Reform

The Senate has now weighed in on their version of ACA 'repeal and replace.' Will it fare better with public sentiment than AHCA has so far?

Read More

Staying Compliant by Avoiding Complacency

A new presidential administration doesn't mean the long list of DOJ regulations impacting healthcare has gone to the wayside. Instead, federal agents continue to up their game when it comes to cracking down on fraud, Stark violations.

Read More

ProviderTrust Helps Employers Keep Compliant by Monitoring Who Isn't

ProviderTrust monitors employees post-hire to keep companies out of hot water.

Read More

ProviderTrust Helps Employers Keep Compliant by Monitoring Who Isn't

ProviderTrust monitors employees post-hire to keep companies out of hot water.

Read More

ProviderTrust Helps Employers Keep Compliant by Monitoring Who Isn't

ProviderTrust monitors employees post-hire to keep companies out of hot water.

Read More

Email Print
 
 

 

 


Tags:
Death Master File, DMF, Fraud, Healthcare Fraud, Identity Theft, KraftCPAs, Moni Cook, NUMIDENT, Social Security Administration, Social Security Number
Powered by Bondware
News Publishing Software

The browser you are using is outdated!

You may not be getting all you can out of your browsing experience
and may be open to security risks!

Consider upgrading to the latest version of your browser or choose on below: