I wrote this blog post for You’re Not A Number website, a non-profit dedicated to advocating that the federal government stop using Social Security numbers for Medicare identification. It is a great cause and organization and I highly recommend you sign their petition to have SS# dropped from Medicare card, it makes for an easy target of identity theft. ~ Kevin Knauss
Because I work with people’s medical history there is a premium placed on keeping that information secure; or at least one would assume so. While health insurance companies actively work to adhere to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) that is meant to protect the privacy of an individual, there are some glaring holes that are large enough to drive a proverbial truck through.
We are still in a paper world
It all starts with me, an insurance agent, assisting a client to fill out a paper health insurance application. (Not all forms of health insurance can be applied for online which is more secure.) Once I have the paper application, I must fax it over to the company. This paper document with a person’s medical history, and just as important, Social Security number, is being sent, hopefully, to the right destination. I am required to hold onto these applications, in some cases, up to 10 years.
Medicare Advantage enrollees could be taken advantage of
The most vulnerable population reflected in these applications is our seniors that have applied for a Medicare Advantage plan. These applications must be faxed within 48 hours and then held for 10 years. From a privacy and security stand point, the handling of Medicare Advantage plan application provides a greater potential for identity theft than using a debit card at the grocery store. If the Medicare Advantage application has information for the premium payment through electronic funds transfer (EFT) or voided check, the document includes all the necessary information for identity theft and scams.
“Identity thieves reap false tax return refunds“
was the headline of a Sacramento Bee newspaper article discussing Social Security number theft. “With nothing more than ledgers of stolen identity information -Social Security numbers and their corresponding birth dates and names- criminals have electronically filed thousands of false tax returns…[and] received hundreds of millions of dollars in wrongful refunds, law enforcement officials say.” Could some of the stolen information come from Medicare Advantage applications?
Too many people handle the applications
Guess what folks, all the necessary information is on the Medicare Advantage application, faxed to who-knows-where, received by a nameless person and held for 10 years some place that may or may not be particularly secure. This has got to be the “paper link” in a system of otherwise tight security. Let’s face it; if you don’t know your Social Security number, you are getting very little information out of any government, and sometimes private, bureaucracy. But we put all this information, including address and phone numbers, on an unsecured paper applications.
My Social Security number might as well be written on the bathroom wall.
Even the state of California at their Franchise Tax Board has purged the transmission of any document that has a person’s Social Security number on it. Of course, I am possibly at the greatest risk. As an independent insurance agent, my agent number for each of the insurance carriers is my social security number. Each paper application will have my Social Security number on it, even though it is called the writing the number. Every time I call a carrier, I must give my agent/tax ID number (= Social Security number) to a person I have never met.
A determined crook is smarter than all of us combined. But it is particularly unnerving when the Federal government is virtually a co-conspirator in the identity theft by making our social security numbers so readily available to anyone with half an inclination for unscrupulous activity.