This blog post was written by a CSA member who wishes to remain anonymous to protect the privacy of the anesthesia group involved. Tax-return identity theft is a serious problem in the medical community. Since this was written, I personally have become aware of several occurrences similar to what is described here.
My partner sent out an email to the group with the subject line, “Tax-Return Identity Theft!” She had just been called by her accountant (who also does our corporation’s accounting), as the IRS had rejected her electronic tax return because it had “already been filed”. Another partner received the same call from the accountant that day as well.
We are a small group, so everyone in the group was upset. It got worse. Each of us checked with our individual accountants and the IRS — two others had fraudulent returns filed in their names, and a fifth person was told that someone had tried to file a fraudulent claim. The submitted data was not necessarily correct (wrong spouse’s name, missing spouse for someone who always files joint returns, etc.), but the IRS accepted the returns anyway.
We discovered that identity theft is now considered the No. 1 crime in the United States, with tax-return identity theft a significant percentage of these cases. It’s a lucrative crime — forge a W-2, submit a return, collect the refund, and disappear. You don’t know it’s happened until you are unable to e-file your own tax return. Then, if you are truly owed a refund, it can take six months for the IRS to investigate and process your valid return.
This scenario is not limited to individual tax returns; businesses and organizations have also been subject to identity theft. The incidence has increased twenty-fold in the past few years, and is No. 1 on the “Dirty Dozen” tax scams list published by the IRS.
For our group, the potential data breach could have occurred anywhere — we are paid by insurance companies such as Health Net, have worked at the VA, shopped at Target, etc. Obviously, we are focused on the accountant’s office, our billing agency, 401K administrators, and even the hospital where we work.
With the public emphasis on the Health Insurance Portability and Accountability (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Acts, protected health information, and all of the mechanisms in place to ensure protection of individual privacy, we were astonished to learn that the IRS does not verify any of your information prior to processing a return. The W-2s and 1099s are not matched up for several months after the Apr. 15 deadline. Moreover, the online security to e-file a return is minimal.
If you suspect that you have been targeted, you should fill out the IRS Form 14039, Identity Theft Affidavit. In addition, consider reporting this to the FTC (especially if it involves your business). Contact one of the credit reporting agencies; although this doesn’t usually show up on their reports, this may prevent other issues from arising. Consider filing a police report.
The best way to prevent tax-return identity theft is to file your taxes as early as possible. If you are concerned but are waiting for documents such as a Schedule K-1, consider filing in February and then filing an amended return as soon as you obtain the missing information.
As always, vigilance is key.
For more information, visit the IRS website to learn how you can protect yourself against identity theft.