From 3M Health Information Systems
Complications with security and privacy for dementia patients
My husband and I are very fortunate to have our surviving parents reach their eighth decade, even though one has received a diagnosis of dementia. Small interpersonal observations over time indicated a growing need for intervention with increased hands-on care for daily activities. We weren’t sure how to ask for help or even what help was needed. Time revealed what was required: a new way to handle their finances using a fiduciary.
Merriam-Webster defines fiduciary as “involving a confidence or trust: held of founded in trust or confidence.” One might associate the term more with wealth management than with long-term patient care. Transferring a dementia patient’s finances to a fiduciary has proven challenging. Once our family’s decision of which sibling would serve as fiduciary was established, we were immediately faced with having to prove two identities to various service organizations: the patient and the fiduciary.
Over the years, our parent has already worked with banks, pension providers, the Social Security Administration, Medicare, personal property insurance agents, hospitals and doctors’ offices, etc. These relationships had been established and maintained for years, independent of other family members. The introduction of a fiduciary into each of these relationships has been complicated without the help of the actual parent. The fiduciary has been interjected into communications which were formerly private. It has been an interesting journey navigating the security and privacy issues.
Third parties like those mentioned above use a variety of personal identifiers (date of birth, maiden name, military employment records, credit history, etc.) to validate identity. The conundrum is trying to determine if the organization is trying to validate the patient or the fiduciary. Are they requesting the high school our parent attended or mine?
Each organization has its own rules for how the fiduciary-enabled account can be entered. The security questions can be astoundingly personal. What the family and fiduciary determine is necessary to share with the organizations providing care may differ from what the agencies and offices require, and often there aren’t enough other security question choices.
The financial organizations are all about operating digitally, but the patient may not have had much of a digital footprint to manage in the past and not have the skillset to accurately manage their digital accounts. Questions related to credit history are particularly troublesome, especially in situations where mental capacity and memory are limited. “Do you remember the house we lived in?” might bring a smile and a description of the porch or garden, but “Who did dad write the mortgage check to?” results in a blank stare or a distractor statement about how good breakfast was this morning.
If our parent did set up an online account and password prior to their dementia diagnosis, how are the security questions settled now that they no longer remembered? How would the fiduciary know non-family relationships (e.g., “best childhood friend”), that we may not know, and our family member no longer remembers? We’ve also learned to avoid providing organizations with our parent’s email address or cell phone number, even though this contact information is almost always required. They haven’t interacted on Facebook or read email for years, and their cell phone directory is limited to their children and their families. “Business” phone calls confuse them and introduce frustration and agitation.
Getting the fiduciary relationship established with banks, insurance companies, providers, Social Security, pension administrations, etc., takes a great deal of effort. Each endeavor starts with an introduction, and then each has a different pathway to proceed: online, smartphone app, notarized forms. Here is what we have found helpful if you’re considering being a fiduciary:
- Allow plenty of time for telephone calls with the agency you’re dealing with. Don’t limit what data is at hand for the discussion. Gather the folders of information and be familiar with the contents of each folder.
- When answering security questions, know the standpoint of the question – the parent or the fiduciary?
- Be prepared for special circumstances when you need two different logins at one agency portal, and you’re using the same IP address. A deceased spouse’s organization portal may allow for only one sign on or may record the IP address. [NOTE: The Veteran’s Administration (VA) often encounters this situation, with multiple generations of a family receiving benefits. The VA is adjusting the platform for this situation.]
- Be prepared for audits and scrutiny. Non-digital efforts include in-person fiduciary visits from an auditor. In-person patient inspection is also an option (in non-pandemic times). “Eyes on” documentation is trusted more than digital applicants.
- Be prepared to have your life records examined as well (marriage license, birth certificate, etc.). Other digital efforts include background checks of the fiduciary.
- Keep all records up to date. Have receipts available to prove both service and cost. Be prepared for this file to take up your time (and disk space); organize it well.
- Keep a record of all organizations’ contact information and the manner of data entry required (web portal, automated phone tree, fax, certified mail only, etc.). You may need to inform all organizations quickly if the patient needs to be relocated for more extensive care.
- Be prepared for newer systems, different forms or processes that change as often as every 2-3 years. And in the times of COVID-19, processing times have become even more significant.
- Be prepared to re-establish identity and relationships all over again if the fiduciary is relocating.
A dementia diagnosis is difficult. Knowledge management and effective communication are key to managing the business aspects of long-term health care for your family member. Don’t let these fiduciary challenges add to your stress.
Pam Banning is currently the co-chair of the laboratory LOINC committee.