Blue Shield of California sent notices to their appointed insurance agents that the agent’s Social Security number had been displayed during the course of member’s online payment. The letter from Blue Shield, dated February 18, notifying agents of the breach to their private personal information does not mention how many agents had their Social Security number’s compromised. While I was not shocked to receive the letter informing me that my personal information was displayed, I was angry that Blue Shield let this happen.
Social Security number is Agent ID number
The release of the agent’s Social Security numbers occurred because an internal web page used by the agent’s clients to pay their health insurance premiums online displayed the agent’s Blue Shield writing number. Blue Shield uses an agent’s Social Security number as the agent ID number. The use of any personal identifying numbers such as Social Security or driver’s license in such a tracking identification increases the odds of identity theft for the individual’s information that is displayed.
How many times was my Social Security number shown?
Blue Shield highlighted the fact that when the agent ID number was displayed when the member was making an online premium payment, it didn’t contain the typical dashes that would make it appear like a Social Security number. They also mentioned in the letter that they have no reason to believe that the agent’s personal information was misused. But then again, unless they contacted me and other agents directly about any suspicious activity on our credit reports, how would they know?
The transaction confirmation pages containing your Agent ID number/SSN were displayed to those of your clients who applied and/or paid for Blue Shield coverage through the Website between December 20, 2013 and January 16th, 2014. – Blue Shield of California, February 18, 2014
How many agents were affected?
The first indication that the agent ID/SSN was being displayed occurred on January 15th, when they were alerted, presumably by an agent. Blue Shield informed the agents that they corrected the inadvertent display of the SSN on January 16th. Blue Shield’s Chief Privacy Officer, Hope H. Scott, Esq., author of the letter, didn’t give any information as to how many agents had their information compromised.
Complimentary cookies and ID theft service
Similar to Target customers that had their credit cards compromised during the holiday season, Blue Shield is offering complimentary one-year membership in an ID protection program. Blue Shield didn’t give any indication when they would be changing the agent writing number from the individual’s Social Security or Tax Identification number to a system that doesn’t involve any personal identifying numbers.
Agent ID written on paper applications
Honestly, I always thought it was stupid that my Blue Shield writing ID was my Social Security number. I routinely have to write my Blue Shield ID on enrollment forms for individuals, small groups and Medicare Advantage and Supplement plans. These paper applications are mailed and faxed with the prayer that they don’t fall into the wrong hands. The Medicare enrollment is particularly troublesome because it also includes the member’s Medicare number which also the SSN.
Medicare Advantage plans has bigger potential for fraud
It’s actually comical that Republicans who are fighting Affordable Care Act over potential exposure of consumer data conveniently forget the Medicare Advantage plans, that the GOP loves, has the greatest potential for identity theft. It’s also ironic that it is the agents, who are trying to help people enroll in new ACA plans, are the victims of a poorly designed webpage from a private contractor not even a government website.
One more thing to spend time on
In addition to one and two hour wait times on hold with Blue Shield to straighten out Covered California enrollments and a system that is not properly identifying the agent or paying a commission on new enrollments, agents now have the added time burden of monitoring their credit information for identity theft. Health insurance companies have been hoping that agents and the commissions they have to pay would go away under the new online enrollment.
Helping push agents over the edge
Short of just cutting out the agent, Blue Shield may have found another way to remove agent commissions: make representing their plans so time consuming and identity threatening that they just stop selling health insurance all together. I am waiting for Anthem Blue Cross, Health Net and Kaiser to report similar agent problems in the hopes that agents will just fade away and they can retain the minuscule commissions they have been paying agents.